| syncache.4 (107191) | syncache.4 (149454) |
|---|---|
| 1.\" 2.\" syncache - TCP SYN caching to handle SYN flood DoS. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" | 1.\" 2.\" syncache - TCP SYN caching to handle SYN flood DoS. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" |
| 13.\" $FreeBSD: head/share/man/man4/syncache.4 107191 2002-11-23 19:43:44Z ru $ | 13.\" $FreeBSD: head/share/man/man4/syncache.4 149454 2005-08-25 13:47:41Z glebius $ |
| 14.\" 15.Dd August 31, 2001 16.Dt SYNCACHE 4 17.Os 18.Sh NAME 19.Nm syncache , syncookies 20.Nd 21.Xr sysctl 8 --- 43 unchanged lines hidden (view full) --- 65.Pp 66The 67.Nm 68protects the system from SYN flood DoS attacks by minimizing 69the amount of state kept on the server, and by limiting the overall size 70of the 71.Nm . 72.Pp | 14.\" 15.Dd August 31, 2001 16.Dt SYNCACHE 4 17.Os 18.Sh NAME 19.Nm syncache , syncookies 20.Nd 21.Xr sysctl 8 --- 43 unchanged lines hidden (view full) --- 65.Pp 66The 67.Nm 68protects the system from SYN flood DoS attacks by minimizing 69the amount of state kept on the server, and by limiting the overall size 70of the 71.Nm . 72.Pp |
| 73Transaction TCP accelerated opens (see 74.Xr ttcp 4 ) 75are also supported, and bypass the 76.Nm . 77.Pp | |
| 78.Nm Syncookies 79provides a way to virtually expand the size of the 80.Nm 81by keeping state regarding the initial SYN in the network. 82Enabling 83.Nm syncookies 84sends a cryptographic value in the SYN,ACK reply to 85the client machine, which is then returned in the client's ACK. --- 97 unchanged lines hidden (view full) --- 183.Nm 184entry. 185.It Li "cookies received" 186Connections created from segment containing ACK. 187.El 188.Sh SEE ALSO 189.Xr netstat 1 , 190.Xr tcp 4 , | 73.Nm Syncookies 74provides a way to virtually expand the size of the 75.Nm 76by keeping state regarding the initial SYN in the network. 77Enabling 78.Nm syncookies 79sends a cryptographic value in the SYN,ACK reply to 80the client machine, which is then returned in the client's ACK. --- 97 unchanged lines hidden (view full) --- 178.Nm 179entry. 180.It Li "cookies received" 181Connections created from segment containing ACK. 182.El 183.Sh SEE ALSO 184.Xr netstat 1 , 185.Xr tcp 4 , |
| 191.Xr ttcp 4 , | |
| 192.Xr loader 8 , 193.Xr sysctl 8 194.Sh HISTORY 195The existing 196.Nm 197implementation 198first appeared in 199.Fx 4.5 . --- 12 unchanged lines hidden --- | 186.Xr loader 8 , 187.Xr sysctl 8 188.Sh HISTORY 189The existing 190.Nm 191implementation 192first appeared in 193.Fx 4.5 . --- 12 unchanged lines hidden --- |