Home
last modified time | relevance | path

Searched refs:SYN (Results 1 – 25 of 29) sorted by relevance

12

/linux-6.15/tools/testing/selftests/net/netfilter/packetdrill/
H A Dconntrack_synack_reuse.pkt1 // Check reception of another SYN while we have an established conntrack state.
3 // state and SYN retransmit should give us new 'SYN_RECV' connection state.
8 +0 `iptables -A INPUT -m conntrack --ctstate INVALID -p tcp --tcp-flags SYN,ACK SYN,ACK`
H A Dconntrack_syn_challenge_ack.pkt1 // Check connection re-use, i.e. peer that receives the SYN answers with
H A Dconntrack_synack_old.pkt37 // with buggy conntrack above packet is dropped, so SYN rtx is seen:
/linux-6.15/Documentation/networking/
H A Dsnmp_counter.rst286 It means the TCP layer sends a SYN, and come into the SYN-SENT
296 It means the TCP layer receives a SYN, replies a SYN+ACK, come into
297 the SYN-RCVD state.
329 TCPSynRetrans: number of SYN and SYN/ACK retransmits to break down
796 TCP stack receives a SYN and replies SYN+ACK. Now the TCP stack is
960 SYN cookies
962 SYN cookies are used to mitigate SYN flood, for details, please refer
1106 SYN, sent SYN+ACK, received ACK, so server sent 1 packet, received 2
1111 When the client sent SYN, the client came into the SYN-SENT state, so
1588 re-send the SYN packet if it didn't receive a SYN+ACK, we could find
[all …]
H A Dmptcp-sysctl.rst136 The number of SYN + MP_CAPABLE retransmissions before falling back to
140 * The initial SYN with MPTCP support
141 * This number of SYN retransmitted with MPTCP support
142 * The next SYN retransmissions will be without MPTCP support
145 >= 128 means that all SYN retransmissions will keep the MPTCP options. A
H A Dip-sysctl.rst390 TCP SYN and SYNACK messages usually advertise an ADVMSS option,
796 overflows. This is to prevent against the common 'SYN flood attack'
801 against legal connection rate. If you see SYN flood warnings
811 SYN flood warnings in logs not being really flooded, your server
820 the initial SYN packet is received during the three-way handshake.
845 SYN packet.
849 rather than connect() to send data in SYN.
861 a SYN packet to be accepted and passed to the
863 0x4 (client) send data in the opening SYN regardless of cookie
865 0x200 (server) accept data-in-SYN w/o any cookie option present.
[all …]
H A Dtcp_ao.rst118 If the segment is a SYN, then this is the first segment of a new
216 A: [7.5.2] doesn't have the same choice as SYN packet handling in [7.5.1.i]
367 keys on a first properly signed SYN would make the request socket bigger, that
H A Dmptcp.rst48 it, the returned ``SYN+ACK`` packet will not contain MPTCP options in the TCP
/linux-6.15/tools/testing/selftests/net/packetdrill/
H A Dtcp_ecn_ecn-uses-ect0.pkt11 // ECN handshake: send EW flags in SYN packet, E flag in SYN-ACK response
H A Dtcp_zerocopy_fastopen-client.pkt13 // Send a FastOpen request, no cookie yet so no data in SYN
33 // Send another Fastopen request, now SYN will have data
H A Dtcp_md5_md5-only-on-client-ack.pkt2 // Test what happens when client does not provide MD5 on SYN,
H A Dtcp_zerocopy_fastopen-server.pkt18 // Client sends a SYN with data.
H A Dtcp_timestamping_client-only-last-byte.pkt40 // is called after when SYN is acked. So, we expect the last byte of the first
H A Dtcp_timestamping_server.pkt24 // is called after when SYN is acked. So, we expect the last byte of the first
/linux-6.15/Documentation/driver-api/surface_aggregator/
H A Dssh.rst8 .. |SYN| replace:: ``SYN`` substdef
93 * - |SYN|
97 A message consists of |SYN|, followed by the frame (|TYPE|, |LEN|, |SEQ| and
140 Each exchange begins with |SYN|, followed by a |DATA_SEQ|- or
165 tx: -- SYN FRAME(D) CRC(F) PAYLOAD CRC(P) -----------------------------
166 rx: ------------------------------------- SYN FRAME(A) CRC(F) CRC(P) --
175 tx: -- SYN FRAME(D) CRC(F) PAYLOAD CRC(P) -----------------------------
176 rx: ------------------------------------- SYN FRAME(N) CRC(F) CRC(P) --
184 tx: -- SYN FRAME(DATA_NSQ) CRC(F) PAYLOAD CRC(P) ----------------------
/linux-6.15/tools/testing/selftests/bpf/prog_tests/
H A Dcls_redirect.c151 SYN, enumerator
199 if (test->flags == SYN) in test_str()
209 { TCP, ACCEPT, UNKNOWN_CONN, NO_HOPS, SYN },
308 if (test->flags == SYN) in build_input()
/linux-6.15/tools/perf/trace/beauty/
H A Dmsg_flags.c55 P_MSG_FLAG(SYN); in syscall_arg__scnprintf_msg_flags()
/linux-6.15/net/ipv4/
H A DKconfig271 Normal TCP/IP networking is open to an attack known as "SYN
277 SYN cookies provide protection against this type of attack. If you
279 protocol known as "SYN cookies" to enable legitimate users to
282 SYN cookies work transparently to them. For technical information
283 about SYN cookies, check out <https://cr.yp.to/syncookies.html>.
285 If you are SYN flooded, the source address reported by the kernel is
290 SYN cookies may prevent correct error reporting on clients when the
294 If you say Y here, you can disable SYN cookies at run time by
/linux-6.15/tools/testing/selftests/bpf/progs/
H A Dtest_cls_redirect_dynptr.c77 SYN, enumerator
723 return SYN; in process_tcp()
957 case SYN: in cls_redirect()
H A Dtest_cls_redirect.c83 SYN, enumerator
830 return SYN; in process_tcp()
1059 case SYN: in cls_redirect()
/linux-6.15/kernel/configs/
H A Dhardening.config87 # Provides some protections against SYN flooding.
/linux-6.15/net/netfilter/
H A DKconfig676 during SYN-flood attacks.
1127 MSS value of TCP SYN packets, to control the maximum size for that
1143 iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN \
1470 analyzing incoming TCP SYN packets.
1630 MSS value of TCP SYN packets, which control the maximum packet size
/linux-6.15/drivers/net/ethernet/sfc/
H A Dtc_conntrack.c255 tcp_interesting_flags = EFX_NF_TCP_FLAG(SYN) | in efx_tc_ct_parse_match()
/linux-6.15/net/ipv6/netfilter/
H A DKconfig230 during SYN-flood attacks.
/linux-6.15/net/ipv4/netfilter/
H A DKconfig215 during SYN-flood attacks.

12