Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp2870374rwb; Fri, 11 Nov 2022 16:42:24 -0800 (PST) X-Google-Smtp-Source: AA0mqf5Jd3r4BeGmZcxdpyFAPaRMP6NjuWLoTajRwJkDv7d+u7LBOgoGAxenYG433pERo/i0sU6o X-Received: by 2002:a17:906:830e:b0:7ad:a198:3177 with SMTP id j14-20020a170906830e00b007ada1983177mr3761793ejx.750.1668213744787; Fri, 11 Nov 2022 16:42:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668213744; cv=none; d=google.com; s=arc-20160816; b=Rb5xxpznaWUJbMD8wauYr+jqC5TBq5dcOuUUuSj9toUPvKtxWDUEZtUkRzLYrxYbb4 JsIui6W+JhMAK7mmeu6NncB5nbWhzb+fbLdGzzDar8Jw+TRPDsjOXKtTTpEazCY6e0Cv QonlicVm6ofZ6fsW6hbvun2jFPTm99MHrgedNafaYOgbsVmtvkdAIF1YzC6xiLuNImt/ UNFUog5KT/1U/AgF2ayMLSRr21OSxcEcCzC26rE0Bd3B6CUGoa+P0vH/iMsFzIMudA2W LoSKH6yUXy6LsPWmLjfiTH3XvXOR2pKkkL9DBpI5Gv/N9UIFDzvlqSaMd9fU1KIwEEdz m6mg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=XDKvgE4abL1LNK9A1vR3QS/HEotmvgeQVhtEiU4bCpY=; b=TgfknUWKoFIC8uQhCQVM93/RRKBJwE2eean655aTuqNVFMCOIHzWnaDosz8wjXPW7N c6znVcQj2OlqfX+lJ2rFx3HxFJ2xG/cBuAEd82On9ZnG92r4l8mvJWDaqQL7qyb1sAlz +ZKR4PflYffXOjywr/+DSNU2sTQwFw3B5+ki7wAOb59vIiMLnlPOeMuQI2EJ3ubt9OtF 9kNJoLZowZLVgenFvQSX+WWZdn3VmAkiILC3XSYyWbTyTATQBr4EyBJkw9bqM9ytitau BUXC8ZjH5YN6sGSLs5aEnQmdfJ0E8g1E7c9EjxlLi9HGmHinABrGv8YiUhm+AXtwo5+P AUrg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=o6ahKW4b; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x17-20020a05640226d100b00457ebe79577si3690881edd.623.2022.11.11.16.41.59; Fri, 11 Nov 2022 16:42:24 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=o6ahKW4b; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234466AbiKLAOy (ORCPT + 90 others); Fri, 11 Nov 2022 19:14:54 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44326 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234412AbiKLAOw (ORCPT ); Fri, 11 Nov 2022 19:14:52 -0500 Received: from mail-yw1-x1130.google.com (mail-yw1-x1130.google.com [IPv6:2607:f8b0:4864:20::1130]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B104D14D22 for ; Fri, 11 Nov 2022 16:14:51 -0800 (PST) Received: by mail-yw1-x1130.google.com with SMTP id 00721157ae682-3704852322fso57368857b3.8 for ; Fri, 11 Nov 2022 16:14:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=XDKvgE4abL1LNK9A1vR3QS/HEotmvgeQVhtEiU4bCpY=; b=o6ahKW4br5rBqjawkN84i9PyQeZlyu4NDHLMtdwIPBWpPNLZfcPQSzl9zHBZxKkH81 9lFc4rMiP0/pWx5541rX0cQJRhUOsOzpK0Gb+roLXJ2nTnL8adQhupsW/hSRSDluKq3W Yw9putnEghIkFnwKHFEW7mZKWKfGYe7prfAjyXIUOVD9GOL+zs9byQ8vsPQBnIX0LHEx bhQ2Iv81MRNwFXXV8kE2/oRqzIg6mScJcbYaD5+4gqgUSbRjQ1D6qE+lRPW5goOQPr9Q rAmPGG+FdxOQvJM10qGCOki/l2sYW3PS+Pvtrxd0dWWlQ9nCpU6c0L9mmW+VLNL+UQo0 wTLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XDKvgE4abL1LNK9A1vR3QS/HEotmvgeQVhtEiU4bCpY=; b=IEHi1ZfS+MILkFh8FtLIB4Fz/hnJf6wey8RahHkDDj4vanZXXRnGNFXp4FAN/BySjd cfUOkKVsKfXfF2KcnCBI0S1QEBZgbRWntML8kOCiQBoY1iPL99BWQZUH/DwDx2NFeHPm /zoyJuHer9mkhGbHOJZY2x+FuwUSBbrDDI6/8L6Qs6kWKMkJPkqgT/IgC9lOxv+L86+o UcNeJVWt2U6n/P/Efpd7XS2Vdqf6yfY4ZYNUK/huoobO9uQdxyCc18Me6taZ2gKThFe7 qAlCMKlfnpApD2Iu2xzBbhWqWnddjvYdWnFNZjg24NYDIAMMsNp4+iofeCO6PkRkI6yc 85Sg== X-Gm-Message-State: ANoB5plzsS7RkkoM/takVbgRQ3HKlMCTtgxd0zqyxuz6XuJeaySPx0o5 SNcjYGwiZTHEzOPwgMjX30BSI3erVELUb640RkHQfQ== X-Received: by 2002:a81:254a:0:b0:36c:aaa6:e571 with SMTP id l71-20020a81254a000000b0036caaa6e571mr4171152ywl.467.1668212090749; Fri, 11 Nov 2022 16:14:50 -0800 (PST) MIME-Version: 1.0 References: <7ccd58e8e26bcdd82e66993cbd53ff59eebe3949.1668139105.git.jamie.bainbridge@gmail.com> <20221111092047.7d33bcd3@hermes.local> <20221111161120.770b9db2@hermes.local> In-Reply-To: <20221111161120.770b9db2@hermes.local> From: Eric Dumazet Date: Fri, 11 Nov 2022 16:14:39 -0800 Message-ID: Subject: Re: [PATCH v2] tcp: Add listening address to SYN flood message To: Stephen Hemminger Cc: Jamie Bainbridge , "David S. Miller" , Hideaki YOSHIFUJI , David Ahern , Jakub Kicinski , Paolo Abeni , netdev@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Nov 11, 2022 at 4:11 PM Stephen Hemminger wrote: > > On Sat, 12 Nov 2022 10:59:52 +1100 > Jamie Bainbridge wrote: > > > On Sat, 12 Nov 2022 at 04:20, Stephen Hemminger > > wrote: > > > > > > On Fri, 11 Nov 2022 14:59:32 +1100 > > > Jamie Bainbridge wrote: > > > > > > > + xchg(&queue->synflood_warned, 1) == 0) { > > > > + if (IS_ENABLED(CONFIG_IPV6) && sk->sk_family == AF_INET6) { > > > > + net_info_ratelimited("%s: Possible SYN flooding on port %pI6c.%u. %s.\n", > > > > + proto, &sk->sk_v6_rcv_saddr, > > > > + sk->sk_num, msg); > > > > + } else { > > > > + net_info_ratelimited("%s: Possible SYN flooding on port %pI4.%u. %s.\n", > > > > + proto, &sk->sk_rcv_saddr, > > > > + sk->sk_num, msg); > > > > > > Minor nit, the standard format for printing addresses would be to use colon seperator before port > > > > > > if (IS_ENABLED(CONFIG_IPV6) && sk->sk_family == AF_INET6) { > > > net_info_ratelimited("%s: Possible SYN flooding on [%pI6c]:%u. %s.\n", > > > proto, &sk->sk_v6_rcv_saddr, sk->sk_num, msg); > > > } else { > > > net_info_ratelimited("%s: Possible SYN flooding on %pI4:%u. %s.\n", > > > proto, &sk->sk_rcv_saddr, sk->sk_num, msg); > > > > I considered this too, though Eric suggested "IP.port" to match tcpdump. > > That works, if it happens I doubt it matters. Note that "ss dst" really needs the [] notation for IPv6 ss -t dst "[::1]" State Recv-Q Send-Q Local Address:Port Peer Address:Port Process CLOSE-WAIT 1 0 [::1]:50584 [::1]:ipp So we have inconsistency anyway... As you said, no strong opinion.