Scroll to navigation

ACCF_DNS(9) Kernel Developer's Manual ACCF_DNS(9)

NAME

accf_dnsbuffer incoming DNS requests until the whole first request is present

SYNOPSIS

options INET

options ACCEPT_FILTER_DNS

kldload accf_dns

DESCRIPTION

This is a filter to be placed on a socket that will be using accept() to receive incoming connections.
It prevents the application from receiving the connected descriptor via accept() until a whole DNS request is available on the socket. It does this by reading the first two bytes of the request, to determine its size, and waiting until the required amount of data is available to be read.
The ACCEPT_FILTER_DNS kernel option is also a module that can be enabled at runtime via kldload(8) if the INET option has been compiled into the kernel.

EXAMPLES

If the accf_dns module is available in the kernel, the following code will enable the DNS accept filter on a socket sok. 
	struct accept_filter_arg afa; 
 
	bzero(&afa, sizeof(afa)); 
	strcpy(afa.af_name, "dnsready"); 
	setsockopt(sok, SOL_SOCKET, SO_ACCEPTFILTER, &afa, sizeof(afa));

SEE ALSO

setsockopt(2), accept_filter(9), accf_http(9) accf_data(9)

HISTORY

The accept filter mechanism was introduced in FreeBSD 4.0.

AUTHORS

This manual page and the filter were written by David Malone.
July 16, 2008 Debian