Re: UDP catchall

On Sat, Oct 27, 2007 at 04:21:23AM +0100, Bruce M. Simpson wrote:
Matus Harvan wrote:
Hi,

I was wondering if I could get some feedback about the patch and
whether others think it could be committed.


The UDP catchall patch as submitted here clashes with the blackhole
functionality, and also bypasses the update of the protocol statistics and
unreachable port rate limiting. It is not yet suitable for a production
kernel.

I do not see how it clashes with the blackhole functionality. If
catchall is enabled then a UDP packet destined for port, which is not
used by any other UDP socket, is passed to rip_input() and would show
up on the raw socket. This happens irrespective of te blackhole
functionality being enabled or not.

I think the protocol statistics for UDP are updated. Which one is
missing?

The catchall feature has its own rate limit, catchallr. This is
different from the unreachable port rate limit. Hence, I don't see a
problem in bypassing the unreachable port rate limiting.

It probably shouldn't trigger the log_in_vain message, however that log
message is misleading anyway (the reception of UDP datagrams destined for
unbound ports is not a 'connection attempt').

I think the log_in_vain message is triggered only if the packet is not
passed to the raw socket, i.e., if catchalllim is exhausted. Then the
normal way for processing the packet is followed. Is this what you
have meant with triggering the log_in_vain message?

Matus

Attachment: pgpATnGEt5fQY.pgp
Description: PGP signature