Re: Firewalling and network resource consumption while under attack

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 21 Sep 1998 18:38:15 +0100 (BST)


> If a firewall rule is in place to drop the packet on the floor, should
> those packets still be allowed to consume the entire network stack?
> Shouldn't there be a bit reserved for the communications that are already
> in place?

The firewall drops packets incoming for IP as soon as it's proved they are
valid IP headers and fed them to the firewall.

> stalled after that. Of the six running connections I had (all ssh) all
> but two of them stalled.

That sounds like someone ran out of bandwidth. You are describing classic
capture effect. How much do you know about your provider's bandwidth 8)

Alan
