| To: | darrenr@reed.wattle.id.au |
|---|---|
| Subject: | Re: Keep state connections randomly dropped |
| From: | "Saša Nedvědický" <anedvedicky@gmail.com> |
| Date: | Wed, 21 Mar 2007 12:16:13 +0100 |
| Cc: | ipfilter@coombs.anu.edu.au |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | ipfilter-list@securepoint.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Ioxv1G9CCij7cwUYCR2szq2MmbqMYhXfHLG+SW8B3qVE5t/Ie7XAjZkoQXUkOQnnj/i2n8/TtjVrhxNMROkH8f9xfdnczCmtNqclArvujIbEL9mqPTA9Xsd/w1D4mDJ0Xi+AsHxVajUWZKxklq/42GBOMKg02Tp12OikAbQSFGo= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=VavrGkHU2dgcMcJUomZj3gaVX3BLzjb4G1EzAmU7efTMtIuBeOOw/FkHq5UCoeUU5mLa9i9Y1df5+yu7bJgo1ra3mhYF+pQ+8V5Ol2vbz3w92aZxCAmOQxa0CtJuj2eyGMKAxLlOJ5V5ZJVzLAEUK1zqd544WAAKhOo+CbG1mII= |
| In-reply-to: | <4600FD38.9040501@reed.wattle.id.au> |
| References: | <b274e6c20703201245n4909751cn2edf805915eddf77@mail.gmail.com> <4600FD38.9040501@reed.wattle.id.au> |
| Sender: | owner-ipfilter@coombs.anu.edu.au |
hello, the idea is right...but perhaps a different change can be made so that this if() doesn't need to be so complex and the natural comparison holds true... it's just a trade, make a change in one single place even it looks complex (awful), make it nice here and introduce more changes (bugs) elsewhere. one has to decide. IPF_TCPS_SYN_SENT and the other is IPF_TCPS_LISTEN. or maybe that does make sense? as far as I can understand it is the same state as SYN RECVD state in TCP state machine. I've check sources quickly, It has turned out that IPF_TCPS_LISTEN is not being used anywhere. I think it can be removed. regards sasha 2007/3/21, Darren Reed <darrenr@reed.wattle.id.au>: the idea is right...but perhaps a different change can be made so that this if() doesn't need to be so complex and the natural comparison holds true... I'm thinking of either chanigng _CLOSED to be 11 (and renumbering all of the other states, so that _LIStEN becomes 0) or adding a new one, IPF_TCPS_DELETE. The problem with making _CLOSED be 11 (rather than 0) and _LISTEN be 0, is that _LISTEN isn't technically correct (or maybe it is?), for state that has been created by the first SYN packet, so one side s IPF_TCPS_SYN_SENT and the other is IPF_TCPS_LISTEN. or maybe that does make sense? Darren |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Keep state connections randomly dropped, Darren Reed |
|---|---|
| Next by Date: | in what interface should i put pass in and pass out?, T X |
| Previous by Thread: | Re: Keep state connections randomly dropped, Darren Reed |
| Next by Thread: | Re: pfil2.1.11 performance issues - pfil_printmchain sprintf, Darren Reed |
| Indexes: | [Date] [Thread] [Top] [All Lists] |