diff options
| author | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2002-02-22 02:49:07 +0000 |
|---|---|---|
| committer | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2002-02-22 02:49:07 +0000 |
| commit | 93584234187e67cb16db92af3c3a6969f9309386 (patch) | |
| tree | 4b49f9e47cb536c38b184a35c0448442403912c2 /sys/netinet | |
| parent | 8c62f4947b2044e167eadb333c65a59d2c3ad416 (diff) | |
do not transmit ICMP source quench. from kjc/kame
Diffstat (limited to 'sys/netinet')
| -rw-r--r-- | sys/netinet/ip_input.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index be6d19b40d4..e76ac66a9b9 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_input.c,v 1.98 2002/01/25 15:50:23 art Exp $ */ +/* $OpenBSD: ip_input.c,v 1.99 2002/02/22 02:49:06 itojun Exp $ */ /* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */ /* @@ -1532,9 +1532,21 @@ ip_forward(m, srcrt) break; case ENOBUFS: +#if 1 + /* + * a router should not generate ICMP_SOURCEQUENCH as + * required in RFC1812 Requirements for IP Version 4 Routers. + * source quench could be a big problem under DoS attacks, + * or the underlying interface is rate-limited. + */ + if (mcopy) + m_freem(mcopy); + return; +#else type = ICMP_SOURCEQUENCH; code = 0; break; +#endif } icmp_error(mcopy, type, code, dest, destifp); |