On Sun, 29 Jul 2001, Alan Cox wrote: > > Our patch can be used along with SYN policing to prioritize incoming > > connection requests on a socket. SYN policing can be used to limit > > the rate of a particular class, but it cannot be used to prioritize a > > No. Because you cant prove the packets are not spoofed. An attacker > becomes able to block classes The aim of our patch is not to protect against a denial of service kind of attack. It is more targeted towards a server that is getting overloaded with valid connection requests. In such a scenario, this mechanism will provide better latency and connection rate for higher priority connections. Thanks Sridhar - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org