accf_dns (9)

Leading comments

Copyright (c) 2008 David Malone

All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in the
   documentation and/or othe...

(The comments found at the beginning of the groff file "man9/accf_dns.9freebsd".)

NAME

accf_dns - buffer incoming DNS requests until the whole first request is present

SYNOPSIS

options INET
options ACCEPT_FILTER_DNS
kldload accf_dns

DESCRIPTION

This is a filter to be placed on a socket that will be using Fn accept to receive incoming connections.

It prevents the application from receiving the connected descriptor via Fn accept until a whole DNS request is available on the socket. It does this by reading the first two bytes of the request, to determine its size, and waiting until the required amount of data is available to be read.

The Fa ACCEPT_FILTER_DNS kernel option is also a module that can be enabled at runtime via kldload(8) if the INET option has been compiled into the kernel.

EXAMPLES

If the ifconfig module is available in the kernel, the following code will enable the DNS accept filter on a socket Fa sok .

        struct accept_filter_arg afa;

        bzero(&afa, sizeof(afa));
        strcpy(afa.af_name, "dnsready");
        setsockopt(sok, SOL_SOCKET, SO_ACCEPTFILTER, &afa, sizeof(afa));

SEE ALSO

setsockopt(2), accept_filter9, accf_http9 accf_data9

HISTORY

The accept filter mechanism was introduced in Fx 4.0 .

AUTHORS

This manual page and the filter were written by An David Malone .