Eric Dumazet wrote:
> On Thursday, 22 April 2010 at 23:03 +0200, Eric Dumazet wrote:
>>> Guess I have to reproduce the DoS attack in a testlab (I will first have
>>> time Tuesday). So we can determine if it's bad hashing or restart of the
>>> search loop.
>>>
>
> Or very long chains, if attacker managed to find a jhash flaw.

That should be visible in the "searched" statistic.

> You could add a lookup_restart counter:

I've applied Jesper's equivalent patch.