Re: Dynamic IP hack (PR#294)

Andi Kleen (ak@muc.de)
Mon, 19 Oct 1998 00:58:29 +0200


On Mon, Oct 19, 1998 at 01:47:57AM +0200, Alan Cox wrote:
> 2. Killing connections on a drop. This potentially violates the RFC
> check rules on time wait unless you are very careful. Also tell me
> why it cant be done in user space by turning /proc/net/ into a set
> of temporary 'reject' filter rules

The RFC TIME_WAIT rules only make sense when the connection endpoint
(address/port) still exists. For a dynamic address that is gone that isn't
the case.

-Andi

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/