
Document the sctp blackhole sysctl MIB
Closed, Public

Authored by allanjude on Aug 29 2015, 4:57 PM.

Details

Summary

Submitted By: Marie Helene Kvello-Aune <marieheleneka@gmail.com>
PR: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=184110

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

allanjude retitled this revision from to Document the sctp blackhole sysctl MIB.
allanjude updated this object.
allanjude edited the test plan for this revision.
allanjude added reviewers: bcr, wblock, eadler.
share/man/man4/blackhole.4
27

The notation looks wrong. Can .Op be used?

57

Start new sentences on new lines.

58

Start new sentences on new lines.

59

"out of the blue" is colloquial. Better to say "unexpected packets are received", or some other more descriptive term.

sys/netinet/sctp_sysctl.h
548

"man page" is redundant. "for more details" probably is also.

marieheleneka_gmail.com edited edge metadata.
marieheleneka_gmail.com removed rS FreeBSD src repository - subversion as the repository for this revision.

Updated to address feedback from wblock.

share/man/man4/blackhole.4
25

For .Op, I meant more like this:

.Cd sysctl net.inet.sctp.blackhole Ns Op = Ns Brq "0 | 1"

I can't find any other examples of parameters like that. The curly bracket usage here is the same as used in mdoc(7). It probably isn't any worse than the original. Better, probably, because the original implied that the numbers after the = are optional (they aren't).

share/man/man4/blackhole.4
25

I think that might have been on purpose. The numbers in fact are optional, in the case where you want to read the value, and see what it is set to, instead of setting it.

share/man/man4/blackhole.4
25

The way it was shown implied that the numbers were optional even with the = specified. On 10-STABLE at least, that is not the case:

% sysctl net.inet.tcp.blackhole=
sysctl: empty numeric value
marieheleneka_gmail.com set the repository for this revision to rS FreeBSD src repository - subversion.

Improved formatting of synopsis according to wblock's feedback.
Added subsections to the DESCRIPTION section for SCTP, TCP, and UDP
Moved the SCTP subsection to the top, so that the subsections are sorted alphabetically
Phrases which list SCTP, TCP, and UDP together are now consistent in listing them alphabetically
Moved the 'summary' paragraph from the bottom of DESCRIPTION to directly before the first subsection.

marieheleneka_gmail.com edited edge metadata.

Fixed a stray space in synopsis Brq parameter.

marieheleneka_gmail.com edited edge metadata.

Corrected synopsis to state the sctp.blackhole MIB has valid values of 0, 1 and 2.

share/man/man4/blackhole.4
35
The blackhole behaviour is useful to slow down an attacker who is port-scanning
a system in an attempt to detect vulnerable services.
37

It might also slow down an attempted denial of service attack.

marieheleneka_gmail.com edited edge metadata.

The SCTP subsection felt awkward, so I've reworded it to flow better for the reader.

Updated the DESCRIPTION section according to wblock's feedback.

wblock edited edge metadata.

Looks good to me.

This revision is now accepted and ready to land.
Sep 7 2015, 12:37 AM
allanjude edited reviewers, added: marieheleneka_gmail.com; removed: allanjude.

Take it back to commit it

This revision was automatically updated to reflect the committed changes.