accf_dns — buffer incoming DNS requests until the whole first request is present

       This manual page and the filter were written by David Malone.

Debian                                            July 16, 2008                                      ACCF_DNS(9)

       This is a filter to be placed on a socket that will be using accept() to receive incoming connections.

       It  prevents  the  application  from  receiving  the  connected descriptor via accept() until a whole DNS
       request is available on the socket.  It does this by reading the first  two  bytes  of  the  request,  to
       determine its size, and waiting until the required amount of data is available to be read.

       The ACCEPT_FILTER_DNS kernel option is also a module that can be enabled at runtime via kldload(8) if the
       INET option has been compiled into the kernel.

       If  the  accf_dns module is available in the kernel, the following code will enable the DNS accept filter
       on a socket sok.

               struct accept_filter_arg afa;

               bzero(&afa, sizeof(afa));
               strcpy(afa.af_name, "dnsready");
               setsockopt(sok, SOL_SOCKET, SO_ACCEPTFILTER, &afa, sizeof(afa));

       The accept filter mechanism was introduced in FreeBSD 4.0.

       accf_dns — buffer incoming DNS requests until the whole first request is present

setsockopt(2), accept_filter(9), accf_data(9), accf_http(9)

optionsINEToptionsACCEPT_FILTER_DNSkldloadaccf_dns