RE: How to not receive a TCP packet...

Stefan Savage (savage@cs.washington.edu)
Mon, 17 Aug 1998 22:11:15 -0700

Ok, thanks everyone for their input. The goal was to come up with a
portable solution that could be used with minimum administrative
requirements (ie. like traceroute). It sounds like none of us have a
really good idea on how to do this. Clearly Linux or FreeBSD specific
solutions aren't too portable, and getting additional IP address can be
a nightmare (in many environments, like at UW or CMU, this is far harder
than getting root access). So bereft of any better ideas myself, I
think the "right" answer is to add a "packet absorb" feature into
libpcap, and hack up a version for Digital Unix and FreeBSD using OS
specific hacks/mods.

- Stefan

-----Original Message-----
From: Gretta Bartels [mailto:gretta@hirame.cs.washington.edu]
Sent: Monday, August 17, 1998 11:40 AM
To: syn@cs
Subject: Re: How to not receive a TCP packet...

> Would it be possible to use firewall features (in FreeBSD or Linux) to
> drop TCP packets coming from the IP address of the machine with which
> you're having the dialogue? If not a traditional firewall, then maybe
> Dummynet? (http://www.iet.unipi.it/~luigi/ip_dummynet/)

I don't know anything about linux, but it looks like dummynet for
FreeBSD just uses ipfw, the regular firewall utility, so it seems
unlikely to me that dummynet will be able to accomplish anything that
ipfw can't.

So I guess the question is whether ipfw deletes the banned packets
before or after Stefan's user-level tcp sender/receiver copies them
out of the stack. I'm not sufficiently network stack-savvy to figure
that out right now.

Gretta