authorAlexander Bluhm <bluhm@cvs.openbsd.org>2016-03-21 15:52:28 +0000
committerAlexander Bluhm <bluhm@cvs.openbsd.org>2016-03-21 15:52:28 +0000
commit95115698abd8a112b96ae56c328f254615c2a638 (patch)
treeb02dfbe392759118d9deb09babfdadd13f067513
parente25b6e904b4dccbcc7eafbcaae3a8202521f0616 (diff)
Add a tcps_sc_seedrandom counter in TCP SYN cache and netstat -s.
This shows how often the hash function is reseeded and the random bucket distribution changes. OK mpi@ claudio@
-rw-r--r--sys/netinet/tcp_input.c6
-rw-r--r--sys/netinet/tcp_var.h3
-rw-r--r--usr.bin/netstat/inet.c3
3 files changed, 8 insertions, 4 deletions
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index b367d703ca6..7276b44598b 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tcp_input.c,v 1.314 2016/03/07 18:44:00 naddy Exp $ */
+/* $OpenBSD: tcp_input.c,v 1.315 2016/03/21 15:52:27 bluhm Exp $ */
/* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */
/*
@@ -3371,8 +3371,10 @@ syn_cache_insert(struct syn_cache *sc, struct tcpcb *tp)
* If there are no entries in the hash table, reinitialize
* the hash secrets.
*/
- if (tcp_syn_cache_count == 0)
+ if (tcp_syn_cache_count == 0) {
arc4random_buf(tcp_syn_hash, sizeof(tcp_syn_hash));
+ tcpstat.tcps_sc_seedrandom++;
+ }
SYN_HASHALL(sc->sc_hash, &sc->sc_src.sa, &sc->sc_dst.sa);
sc->sc_bucketidx = sc->sc_hash % tcp_syn_cache_size;
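Review bot: The new `tcpstat.tcps_sc_seedrandom++` sits inside the `tcp_syn_cache_count == 0` branch, so it only counts reseeds that happen when the cache is completely empty at insert time, and the comment above the branch does not say what that implies for someone reading the counter. On a host whose cache never drains, for example under sustained SYN load, `tcp_syn_hash` would presumably stay unchanged and the counter would stay flat, which is the condition an operator most wants to notice. I would extend the comment to something like `/* Count each reseed; a counter that stops rising while entries stay cached means the hash secret is not being renewed. */`. The rest of syn_cache_insert lies outside this hunk, so whether another path renews the secret cannot be checked from here.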
diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h
index 3a2c66d8652..0e7d24fba05 100644
--- a/sys/netinet/tcp_var.h
+++ b/sys/netinet/tcp_var.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tcp_var.h,v 1.109 2015/08/27 20:56:16 bluhm Exp $ */
+/* $OpenBSD: tcp_var.h,v 1.110 2016/03/21 15:52:27 bluhm Exp $ */
/* $NetBSD: tcp_var.h,v 1.17 1996/02/13 23:44:24 christos Exp $ */
/*
@@ -440,6 +440,7 @@ struct tcpstat {
u_int64_t tcps_sc_dropped; /* # of SYNs dropped (no route/mem) */
u_int64_t tcps_sc_collisions; /* # of hash collisions */
u_int64_t tcps_sc_retransmitted;/* # of retransmissions */
+ u_int64_t tcps_sc_seedrandom; /* # of syn cache seeds with random */
u_int64_t tcps_conndrained; /* # of connections drained */
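Review bot: The comment `/* # of syn cache seeds with random */` on the new field does not say what is seeded or from where; `/* # of times syn cache hash secret was reseeded */` would match what syn_cache_insert actually counts. The same vague wording appears in the netstat string `"\t%qd SYN cache seed%s with new random\n"` in usr.bin/netstat/inet.c, where an operator reading `netstat -s` has even less context. Separately, the member is inserted in the middle of struct tcpstat rather than at the end, so later members shift; if the struct is copied to userland as a whole, the kernel and netstat must be built from the same tcp_var.h. The struct definition starts and ends outside this hunk.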
diff --git a/usr.bin/netstat/inet.c b/usr.bin/netstat/inet.c
index a56d5d51a03..81fb5de0727 100644
--- a/usr.bin/netstat/inet.c
+++ b/usr.bin/netstat/inet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: inet.c,v 1.144 2015/08/20 22:32:41 deraadt Exp $ */
+/* $OpenBSD: inet.c,v 1.145 2016/03/21 15:52:27 bluhm Exp $ */
/* $NetBSD: inet.c,v 1.14 1995/10/03 21:42:37 thorpej Exp $ */
/*
@@ -455,6 +455,7 @@ tcp_stats(char *name)
p(tcps_sc_dupesyn, "\t%qd duplicate SYN%s received for entries "
"already in the cache\n");
p(tcps_sc_dropped, "\t%qd SYN%s dropped (no route or no space)\n");
+ p(tcps_sc_seedrandom, "\t%qd SYN cache seed%s with new random\n");
p(tcps_sack_recovery_episode, "\t%qd SACK recovery episode%s\n");
p(tcps_sack_rexmits,