diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2008-10-31 21:08:34 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2008-10-31 21:08:34 +0000 |
| commit | 5a8cc0a24954cf7f5e24e4c125179a80d5b3c5ed (patch) | |
| tree | a413e94373c5a2e23336dc876040347ed4e24d66 /sys | |
| parent | 3ba94d9aa25f74adabb9aa2ed296c9542bb41112 (diff) | |
Be way more strict in the number of packets allowed to be queued in the
arp layer. With a lot of input from deraadt@.
OK dlg@, looks good gollo@ + deraadt@
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/if_ether.c | 44 | ||||
| -rw-r--r-- | sys/netinet/if_ether.h | 4 |
2 files changed, 30 insertions, 18 deletions
diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c index 22a3625bf3b..d089a8d3b17 100644 --- a/sys/netinet/if_ether.c +++ b/sys/netinet/if_ether.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_ether.c,v 1.77 2008/10/30 09:39:05 gollo Exp $ */ +/* $OpenBSD: if_ether.c,v 1.78 2008/10/31 21:08:33 claudio Exp $ */ /* $NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $ */ /* @@ -90,14 +90,14 @@ struct ifqueue arpintrq = {0, 0, 0, 50}; int arp_inuse, arp_allocated, arp_intimer; int arp_maxtries = 5; int useloopback = 1; /* use loopback interface for local traffic */ -int arpinit_done = 0; -int la_hold_total = 0; +int arpinit_done; +int la_hold_total; /* revarp state */ struct in_addr myip, srv_ip; -int myip_initialized = 0; -int revarp_in_progress = 0; -struct ifnet *myip_ifp = NULL; +int myip_initialized; +int revarp_in_progress; +struct ifnet *myip_ifp; #ifdef DDB #include <uvm/uvm_extern.h> @@ -423,16 +423,19 @@ arpresolve(ac, rt, m, dst, desten) /* * There is an arptab entry, but no ethernet address - * response yet. Insert mbuf in hold queue. + * response yet. Insert mbuf in hold queue if below limit + * if above the limit free the queue without queuing the new packet. */ - if (la->la_hold_count >= MAX_HOLD_QUEUE) { - mh = la->la_hold_head; - la->la_hold_head = la->la_hold_head->m_nextpkt; - la->la_hold_count--; - la_hold_total--; - m_freem(mh); - } - if (la_hold_total < MAX_HOLD_TOTAL) { + if (la_hold_total < MAX_HOLD_TOTAL && la_hold_total < nmbclust / 64) { + if (la->la_hold_count >= MAX_HOLD_QUEUE) { + mh = la->la_hold_head; + la->la_hold_head = la->la_hold_head->m_nextpkt; + if (mh == la->la_hold_tail) + la->la_hold_tail = NULL; + la->la_hold_count--; + la_hold_total--; + m_freem(mh); + } if (la->la_hold_tail == NULL) la->la_hold_head = m; else @@ -440,6 +443,15 @@ arpresolve(ac, rt, m, dst, desten) la->la_hold_tail = m; la->la_hold_count++; la_hold_total++; + } else { + while ((mh = la->la_hold_head) != NULL) { + la->la_hold_head = + la->la_hold_head->m_nextpkt; + la_hold_total--; + m_freem(mh); + } + la->la_hold_tail = NULL; + la->la_hold_count = 0; } /* @@ -732,7 +744,7 @@ in_arpinput(m) (*ac->ac_if.if_output)(&ac->ac_if, mh, rt_key(rt), rt); - if (la->la_hold_tail && la->la_hold_tail == mh) { + if (la->la_hold_tail == mh) { /* mbuf is back in queue. Discard. */ la->la_hold_tail = mt; if (la->la_hold_tail) diff --git a/sys/netinet/if_ether.h b/sys/netinet/if_ether.h index 245e927f37d..9e61e09cc4a 100644 --- a/sys/netinet/if_ether.h +++ b/sys/netinet/if_ether.h @@ -1,4 +1,4 @@ -/* $OpenBSD: if_ether.h,v 1.42 2008/10/30 09:39:05 gollo Exp $ */ +/* $OpenBSD: if_ether.h,v 1.43 2008/10/31 21:08:33 claudio Exp $ */ /* $NetBSD: if_ether.h,v 1.22 1996/05/11 13:00:00 mycroft Exp $ */ /* @@ -169,7 +169,7 @@ struct llinfo_arp { #define la_timer la_rt->rt_rmx.rmx_expire /* deletion time in seconds */ }; #define MAX_HOLD_QUEUE 10 -#define MAX_HOLD_TOTAL NMBCLUSTERS / 10 +#define MAX_HOLD_TOTAL 100 struct sockaddr_inarp { u_int8_t sin_len; |