I should have written: a sysctl, with the default to off, for better
T/TCP interoperability for people in intranets where they don't care
too much about DOS attacks.
Another point: we could limit the maximal data size queued with the SYN -
as long as sizeof(struct open_request) + maxpacketsize <= sizeof(struct sock)
the situation is not worse than with stock 2.0 without syncookies ;)
T/TCP is often nice for small transactions where only a few bytes need
to be reliably transferred. This check would allow that nicely.
-Andi