Re: pingflood.c

[pedward () WEBCOM COM (pedward () WEBCOM COM)]

> On most machines select returns -1, errno=EINTR on a signal that is handled.

You are correct. To fix the original code I posted, here goes:


[note, it will probably take longer than the interval, because of the number of
calls involved, but that's your thing]

void mysleep(int seconds)
{
        struct timeval tv_now;
        struct timeval tv_then;
        struct timeval tv;

        tv.tv_sec=seconds;
        tv.tv_usec=0;

        gettimeofday(&tv_now);

        tv_then.tv_sec = tv_now.tv_sec + seconds;
        tv_then.tv_usec = 0;

        while(select(0,NULL,NULL,NULL,&tv) != 0) {
                gettimeofday(&tv_now);

                tv.tv_sec = tv_then.tv_sec - tv_now.tv_sec;
                tv.tv_usec = tv_then.tv_usec - tv_now.tv_usec;

        }

}

There you go.  It just shows how such an insignificant little thing can consume a lot
of time to solve.

> Also the real problem is much more fundamental than all of the ping -f
> arguments. Consider
>
>       fork 10 pings
>       while(1)
>       {
>               kill all pings
>               as we get sigcld fork new ones
>               delay (not long)
>       }
>
> Another ping -f style attack. Or I could use UDP to send billions of
> packets - far far simpler.

I concur, UDP is fully user level, and it can be programmed much easier than ICMP.

> There is only one serious way to handle this, and it goes beyond the
> conventional Unix networking. Like any other resource you quota users
> in packets/bytes per second. Secure network folk would probably like a per
> user BPF filter that must say Yes to any packet the user attempts to send
> as well. I don't think anyone is addressing this right now.
>
> Alan

--Perry

--
Perry Harrington        System Software Engineer    zelur xuniL  ()
http://www.webcom.com  perry.harrington () webcom com  Think Blue.  /\