Apply by doing:
       cd /usr/src
       patch -p0 < 005_tcp.patch

And then rebuild your kernel.

Index: sys/netinet/tcp_input.c
===================================================================
RCS file: /cvs/src/sys/netinet/tcp_input.c,v
retrieving revision 1.158
retrieving revision 1.158.2.1
diff -u -p -r1.158 -r1.158.2.1
--- sys/netinet/tcp_input.c     17 Mar 2004 11:42:29 -0000      1.158
+++ sys/netinet/tcp_input.c     6 May 2004 00:45:37 -0000       1.158.2.1
@@ -122,6 +122,10 @@ int tcp_rst_ppslim = 100;          /* 100pps */
int tcp_rst_ppslim_count = 0;
struct timeval tcp_rst_ppslim_last;

+int tcp_synack_ppslim = 100;           /* 100pps */
+int tcp_synack_ppslim_count = 0;
+struct timeval tcp_synack_ppslim_last;
+
#endif /* TUBA_INCLUDE */
#define TCP_PAWS_IDLE  (24 * 24 * 60 * 60 * PR_SLOWHZ)

@@ -1454,8 +1458,12 @@ trimthenstep6:
        * error and we send an RST and drop the connection.
        */
       if (tiflags & TH_SYN) {
-               tp = tcp_drop(tp, ECONNRESET);
-               goto dropwithreset;
+               if (ppsratecheck(&tcp_synack_ppslim_last, &tcp_synack_ppslim_count,
+                   tcp_synack_ppslim) == 0) {
+                       /* XXX stat */
+                       goto drop;
+               }
+               goto dropafterack;
       }

       /*

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.