> It is not enough, because
> 1. It does not allow us to associate the checksum
> errors with the erroneous packets (e.g., in a PPP log).
??? checksum errors can be caused by every packet, you mean you log all
packets going over your PPP link? The CCP et.al. packets you see in your PPP
log when you enable debug are never seen by the TCP/IP stack, they are
passed directly between the kernel driver and pppd. Although they have
their own checksum (the PPP link layer crc16) which is checked, packets
that fail the csum test are properly thrown away without logging them
(except for device error counter shown by ifconfig).
Also it is not the full picture, the current kernel only prints the
debugging message when the UDP/TCP checksum fails - for ICMP checksums
(except during masquerading) or IP headers there is only a counter.
> 2. It is useful to see which IP addresses are causing errors.
If you want that write a user mode daemon - it is a trivial modification
of tcpdump.
I see no actual evidence that logging checksum errors brings any advantage
at all, worse it allows denial of service attacks easily.
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/