>
> Anyone considered the fact that this could be a safety feature there to
> keep outside attackers from eating CPU time ?
> Fact is I prefer it this way, why bother putting in a check for localhost?
> I've seen some interesting spoofs to make it look like the packet came
> from localhost...
>
But it's not dropping packets per proc/net/dev.
However..
--- localhost ping statistics ---
2042 packets transmitted, 766 packets received, 62% packet loss
round-trip min/avg/max = 6.0/673.4/1311.1 ms
watching with 'tcpdump -lni lo |tee xx' shows
6530 packets received by filter
0 packets dropped by kernel
and 'grep request xx | wc -l' says 3266 or 1633 pings.
The numbers just don't add up right :) Seems ping agrees with proc as
to how many packets are sent, disagrees wrt dropping, and tcpdump is
missing a big chunk of packets.
06:36:31.319200 127.0.0.1 > 127.0.0.1: icmp: echo request
06:36:31.319200 127.0.0.1 > 127.0.0.1: icmp: echo request
06:36:31.319343 127.0.0.1 > 127.0.0.1: icmp: echo reply
06:36:31.319343 127.0.0.1 > 127.0.0.1: icmp: echo reply
06:36:31.319728 127.0.0.1 > 127.0.0.1: icmp: echo request
06:36:31.319728 127.0.0.1 > 127.0.0.1: icmp: echo request
06:36:31.319876 127.0.0.1 > 127.0.0.1: icmp: echo reply <===
06:36:31.544016 127.0.0.1 > 127.0.0.1: icmp: echo request
06:36:31.544016 127.0.0.1 > 127.0.0.1: icmp: echo request
06:36:31.544224 127.0.0.1 > 127.0.0.1: icmp: echo reply
06:36:31.544224 127.0.0.1 > 127.0.0.1: icmp: echo reply
06:36:31.546161 127.0.0.1 > 127.0.0.1: icmp: echo request
06:36:31.546161 127.0.0.1 > 127.0.0.1: icmp: echo request
06:36:31.546327 127.0.0.1 > 127.0.0.1: icmp: echo reply
06:36:31.546327 127.0.0.1 > 127.0.0.1: icmp: echo reply
-Mike
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/