>
> On most machines select returns -1, errno=EINTR on a signal that is handled.
>
You are correct. To fix the original code I posted, here goes:
[note, it will probably take longer than the interval, because of the number of
calls involved, but that's your thing]
void mysleep(int seconds)
{
struct timeval tv_now;
struct timeval tv_then;
struct timeval tv;
tv.tv_sec=seconds;
tv.tv_usec=0;
gettimeofday(&tv_now);
tv_then.tv_sec = tv_now.tv_sec + seconds;
tv_then.tv_usec = 0;
while(select(0,NULL,NULL,NULL,&tv) != 0) {
gettimeofday(&tv_now);
tv.tv_sec = tv_then.tv_sec - tv_now.tv_sec;
tv.tv_usec = tv_then.tv_usec - tv_now.tv_usec;
}
}
There you go. It just shows how such an insignificant little thing can consume a lot
of time to solve.
>
> Also the real problem is much more fundamental than all of the ping -f
> arguments. Consider
>
> fork 10 pings
> while(1)
> {
> kill all pings
> as we get sigcld fork new ones
> delay (not long)
> }
>
> Another ping -f style attack. Or I could use UDP to send billions of
> packets - far far simpler.
>
I concur, UDP is fully user level, and it can be programmed much easier than ICMP.
>
> There is only one serious way to handle this, and it goes beyond the
> conventional Unix networking. Like any other resource you quota users
> in packets/bytes per second. Secure network folk would probably like a per
> user BPF filter that must say Yes to any packet the user attempts to send
> as well. I don't think anyone is addressing this right now.
>
> Alan
>
--Perry
--
Perry Harrington System Software Engineer zelur xuniL ()
http://www.webcom.com perry.harringtonat_private Think Blue. /\
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:54:11 PDT