tech-net archive


Re: Patch: accept filters for NetBSD



On Mon, 28 Jan 2008, Thor Lancelot Simon wrote:

> A coworker has ported the FreeBSD "accept filter" functionality to
> NetBSD (approximately 4.99.40 -- I think the attached patch should
> apply cleanly to HEAD today, however).  Accept filters are kernel
> level filters, enabled with setsockopt(), which can perform arbitrary
> operations on a TCP or local stream connection before accept() returns
> to userspace or the listen socket selects ready for accept.  Think of
> it as a much more sophisticated version of the socket watermark.

I think I like this idea (have not studied it in detail) except that

+#ifdef INET
+       case SO_ACCEPTFILTER:
+               error = do_setopt_accept_filter(so, m);
+               if (error)
+                       return error;
+               break;
+#endif
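
Review bot: the `#ifdef INET` guard around the `SO_ACCEPTFILTER` case removes the option entirely from kernels built without INET, while the patch description quoted above says accept filters also act on local stream connections. If only particular filters depend on INET, guard those rather than the socket option itself, or add a comment here stating why the option needs INET.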

I'm not sure why it's for INET only?

Does the filter apply to the socket that it is optioned from or for all
sockets?

There is a case in the Bluetooth land to be able to limit connections to a
specific remote device address. This is possible inside the kernel as a
protocol callback indicates if it wants to accept or not, but it would be
interesting to be able to do this from userland, if this mechanism was
generic enough.

iain


