Add a sysctl to control the generation of source quench packets,

and set it to 0 by default.

Partially obtained from:	NetBSD
Suggested by:	David Gilbert
MFC after:	5 days

1 files changed, 20 insertions, 2 deletions

diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index f928744..1c2863b 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -125,6 +125,11 @@ SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragpackets, CTLFLAG_RW,
 	&ip_maxfragpackets, 0,
 	"Maximum number of IPv4 fragment reassembly queue entries");
 
+static int	ip_sendsourcequench = 0;
+SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW,
+	&ip_sendsourcequench, 0,
+	"Enable the transmission of source quench packets");
+
 /*
  * XXX - Setting ip_checkinterface mostly implements the receive side of
  * the Strong ES model described in RFC 1122, but since the routing table
@@ -1971,8 +1976,21 @@ ip_forward(struct mbuf *m, int srcrt, struct sockaddr_in *next_hop)
 		break;
 
 	case ENOBUFS:
-		type = ICMP_SOURCEQUENCH;
-		code = 0;
+		/*
+		 * A router should not generate ICMP_SOURCEQUENCH as
+		 * required in RFC1812 Requirements for IP Version 4 Routers.
+		 * Source quench could be a big problem under DoS attacks,
+		 * or if the underlying interface is rate-limited.
+		 * Those who need source quench packets may re-enable them
+		 * via the net.inet.ip.sendsourcequench sysctl.
+		 */
+		if (ip_sendsourcequench == 0) {
+			m_freem(mcopy);
+			return;
+		} else {
+			type = ICMP_SOURCEQUENCH;
+			code = 0;
+		}
 		break;
 
 	case EACCES:			/* ipfw denied packet */