Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

implement charybdis' synflood mitigation strategies #32

Open
kaniini opened this issue Apr 7, 2015 · 2 comments
Open

implement charybdis' synflood mitigation strategies #32

kaniini opened this issue Apr 7, 2015 · 2 comments
Milestone
mammon-1

Comments

@kaniini
Copy link
Contributor

kaniini commented Apr 7, 2015

we need to implement charybdis' listen::defer_accept. this will allow the kernel to discard synflood traffic without clogging the ircd or tcp stack resources up.

on Linux, this is a matter of using socket.setsockopt() on the listener, with the socket.TCP_DEFER_ACCEPT constant and the socket.SOL_TCP layer constant.

on FreeBSD, I need to still investigate how to get access to accept filters from Python.
@kaniini kaniini added this to the mammon-1 milestone Apr 7, 2015
@usrbinsam
Copy link
Contributor

Python's socket module documentation states that the TCP_* constants should all be the same, On FreeBSD, I would think it's just socket.TCP_FILTERACCEPT. Not sure on the layer constant, maybe socket.IPPROTO_TCP?

@kaniini
Copy link
Contributor Author

kaniini commented Jul 1, 2015

you have to attach a struct so_acceptfilter to the setsockopt(2) call.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
mammon-1
Development

No branches or pull requests
2 participants
@usrbinsam @kaniini