| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANn89i+HgJu_mRptWY85aVBS_gTEaeM+0HPpmw1qcx7vme8YSw@mail.gmail.com>
Date: Thu, 10 Nov 2022 15:46:02 -0800
From: Eric Dumazet <edumazet@...gle.com>
To: Stephen Hemminger <stephen@...workplumber.org>
Cc: Jamie Bainbridge <jamie.bainbridge@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
David Ahern <dsahern@...nel.org>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tcp: Add listening address to SYN flood message
On Thu, Nov 10, 2022 at 3:39 PM Stephen Hemminger
<stephen@...workplumber.org> wrote:
>
> On Thu, 10 Nov 2022 21:21:06 +1100
> Jamie Bainbridge <jamie.bainbridge@...il.com> wrote:
>
> > + xchg(&queue->synflood_warned, 1) == 0) {
> > +#if IS_ENABLED(CONFIG_IPV6)
> > + if (sk->sk_family == AF_INET6) {
> > + net_info_ratelimited("%s: Possible SYN flooding on port %d. IP %pI6c. %s. Check SNMP counters.\n",
> > + proto, sk->sk_num,
> > + &sk->sk_v6_rcv_saddr, msg);
> > + } else
> > +#endif
> > + {
> > + net_info_ratelimited("%s: Possible SYN flooding on port %d. IP %pI4. %s. Check SNMP counters.\n",
> > + proto, sk->sk_num, &sk->sk_rcv_saddr, msg);
> > + }
> > + }
> >
>
> Port number is unsigned not signed.
> Message also seems overly wordy to me.
Also, it is customary to use IP.port format (like most tools, see tcpdump)
Powered by blists - more mailing lists