On Thu, Oct 12, 2006 at 12:13:26PM +0200, Martin Schiller ([EMAIL PROTECTED]) wrote:
> On Thursday, October 12, 2006 10:38 AM, Eric Dumazet wrote:
> >
> > Well, it is already possible to delay the 'third packet' of an
> > outgoing connection with a little hack. But AFAIK not the SYNACK of
> > incoming connection. It could be cool. Maybe some new syscalls are
> > needed:
> >
> > int syn_recv(int socklisten, ...);
> > /* give to user app the SYN packet */
> > int syn_ack(int socklisten, ...);
> > /* User app has the ability to ask kernel tcp stack to :
> > DROP this packet.
> > REJECT the attempt
> > ACCEPT the attempt (sending a SYN/ACK) */
> >
>
> So, when do you mean the user-space application should run these syscalls?
> After the call to listen()?
>
> Another problem with this solution might be, that I don't want to block the
> listening socket with the processing of one request, because there could be
> a lot of simultaneous requests.

You should break your decision into per state change transformations.
I think it is possible with either conntrack or netlink module Samir
Bellabes <sbellabes_mandriva.com> creates (Network Events Connector
subject) or even using syncookie algo changes.
But it will drastically change your server performance...

--
	Evgeniy Polyakov