summaryrefslogtreecommitdiffstats
path: root/include/net/tcp.h
diff options
context:
space:
mode:
authorEric Dumazet <eric.dumazet@gmail.com>2011-08-30 05:21:44 +0200
committerDavid S. Miller <davem@davemloft.net>2011-09-15 20:49:43 +0200
commit946cedccbd7387488d2cee5da92cdfeb28d2e670 (patch)
treefbb0d9c8dc11d6efee64e2a077a4951831932058 /include/net/tcp.h
parentpkt_sched: cls_rsvp.h was outdated (diff)
downloadlinux-946cedccbd7387488d2cee5da92cdfeb28d2e670.tar.xz
linux-946cedccbd7387488d2cee5da92cdfeb28d2e670.zip
tcp: Change possible SYN flooding messages
"Possible SYN flooding on port xxxx " messages can fill logs on servers. Change logic to log the message only once per listener, and add two new SNMP counters to track : TCPReqQFullDoCookies : number of times a SYNCOOKIE was replied to client TCPReqQFullDrop : number of times a SYN request was dropped because syncookies were not enabled. Based on a prior patch from Tom Herbert, and suggestions from David. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> CC: Tom Herbert <therbert@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/tcp.h')
-rw-r--r--include/net/tcp.h3
1 files changed, 3 insertions, 0 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 149a415d1e0a..e9b48b094683 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -460,6 +460,9 @@ extern int tcp_write_wakeup(struct sock *);
extern void tcp_send_fin(struct sock *sk);
extern void tcp_send_active_reset(struct sock *sk, gfp_t priority);
extern int tcp_send_synack(struct sock *);
+extern int tcp_syn_flood_action(struct sock *sk,
+ const struct sk_buff *skb,
+ const char *proto);
extern void tcp_push_one(struct sock *, unsigned int mss_now);
extern void tcp_send_ack(struct sock *sk);
extern void tcp_send_delayed_ack(struct sock *sk);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-10 14:48:40 +0100