[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [lwip-devel] SYN flood attack - lwip crash
From: |
Simon Goldschmidt |
Subject: |
Re: [lwip-devel] SYN flood attack - lwip crash |
Date: |
Tue, 03 Feb 2009 07:33:17 +0100 |
> > Does this mean there are not problems when TCP_LISTEN_BACKLOG is turned
> off?
>
> i will try tomorrow.... but in this case i cannot have pending request
> to connect?
No, it means you cannot _limit_ the number of pending requests. Before 1.3.0,
lwIP accepted every incoming connection on a listening pcb. When the connection
is fully established, it is posted to the accept_mbox of the listening netconn
(when using the netconn or socket API, of course). This means the connection is
already open and can be fetched from that mbox at any time you like.
In contrast to that, the listen backlog limits the number of connections opened
on a listening port that are not yet handled by the application (increased when
a connection is opened, decreased when the application calls accept()). This is
a new feature that is not useful to everyone, maybe you don't need it, too.
It's mainly there for posix compatiblity.
Simon
--
Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen:
http://www.gmx.net/de/go/multimessenger01