> hi, > > i'm writing a kernel module (2.4.19) which sits in the network stack and > listens for outgoing tcp-syn packets and drops them if they start coming too > fast (e.g. when someone is doing a tcp-syn scan from your box). Most of the ways that people figure out how to drop packets at this level are usually tacky. One way is to replace the hard_start_xmit pointer (of the necessary device) with your own...again tacky. A lot of people seem to have a need to have this feature implemented for various projects (hint...hint...). You should probably drop the packets using netfiler if you can (look at NF_DROP). Regards, Mazhar Memon - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
