At 12:56 AM -0600 2003/10/09, Vector wrote: > natd chokes on the latest windoze worms and I have implemented some DoS > prevention/worm protection in ipnat but I'm seeing this memory leak without > my improvements there at all. > > If it's in the kernel, ipnat is kept under control when natd would normally > be sucking the CPU dry and preventing things like remote logins, very > slugish updates, etc... That seems to be very odd to me. If anything, putting it in the kernel should guarantee that it could runaway with as much memory, CPU, etc... as it wanted. Could you explain a bit more about the added controls you have over this process because it's part of the kernel, as opposed to operating in user space? This is a serious question -- I don't understand, and I'd like to learn. -- Brad Knowles, <brad.knowles_at_skynet.be> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)Received on Thu Oct 09 2003 - 07:56:58 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:24 UTC