lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <4FA43A03.4090707@hp.com> Date: Fri, 04 May 2012 13:20:19 -0700 From: Rick Jones <rick.jones2@...com> To: Eric Dumazet <eric.dumazet@...il.com> CC: David Miller <davem@...emloft.net>, netdev <netdev@...r.kernel.org>, Perry Lorier <perryl@...gle.com>, Matt Mathis <mattmathis@...gle.com>, Yuchung Cheng <ycheng@...gle.com>, Neal Cardwell <ncardwell@...gle.com>, Tom Herbert <therbert@...gle.com>, Wilmer van der Gaast <wilmer@...gle.com>, Dave Täht <dave.taht@...ferbloat.net>, Ankur Jain <jankur@...gle.com> Subject: Re: [PATCH net-next] tcp: be more strict before accepting ECN negociation On 05/04/2012 12:05 PM, Eric Dumazet wrote: > On Fri, 2012-05-04 at 11:48 -0700, Rick Jones wrote: >> I'll fire-up tcpdump on netperf.org: >> >> tcpdump -i eth0 -vvv '(tcp[tcpflags]& tcp-syn != 0)&& (ip[1] != 0x0)' >> >> and see what appears. >> >> rick > > of (ip[1]& 3 != 0) True, I'm looking at more than the ECN bits, but in the 90 minutes the tcpdump has been running there have been no packets with the any of the 8 bits at ip[1] being 1 anyway :) Netperf.org doesn't get a massive quantity of traffic. It may go the entire week-end or longer without seeing such a packet. > Note that you could catch SYNACK with this filter (if your machine > initiates some active TCP sessions), since SYNACK might have ECT bits, > if some stacks implemented : > > http://tools.ietf.org/html/draft-kuzmanovic-ecn-syn-00 ( Adding > Explicit Congestion Notification (ECN) Capability to TCP's SYN/ACK > Packets ) > > http://tools.ietf.org/id/draft-ietf-tcpm-ecnsyn-04.txt True. I suspect that 99 times out of 10, the outbound connections established by netperf.org are in response to traffic to netperf-talk, which is itself a rather quiet list, so I'm not too worried about the output being cluttered with false hits. rick -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists