o Document net.inet.ip.random_id sysctl.
Reviewed by: dwmalone, ru
This commit is contained in:
Maxim Konovalov
parent
99c8d0836d
commit
4892c9a4c0
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=133757
@ -32,7 +32,7 @@
|
|||||||
.\" From: @(#)inet.4 8.1 (Berkeley) 6/5/93
|
.\" From: @(#)inet.4 8.1 (Berkeley) 6/5/93
|
||||||
.\" $FreeBSD$
|
.\" $FreeBSD$
|
||||||
.\"
|
.\"
|
||||||
.Dd July 2, 2004
|
.Dd August 15, 2004
|
||||||
.Dt INET 4
|
.Dt INET 4
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
@ -288,6 +288,17 @@ This
|
|||||||
.Xr sysctl 8
|
.Xr sysctl 8
|
||||||
variable affects packets destined for a local host as well as packets
|
variable affects packets destined for a local host as well as packets
|
||||||
forwarded to some other host.
|
forwarded to some other host.
|
||||||
|
.It Va ip.random_id
|
||||||
|
Boolean: control IP IDs generation behaviour.
|
||||||
|
Setting this
|
||||||
|
.Xr sysctl 8
|
||||||
|
to non-zero causes the ID field in IP packets to be randomized instead of
|
||||||
|
incremented by 1 with each packet generated.
|
||||||
|
This closes a minor information leak which allows remote observers to
|
||||||
|
determine the rate of packet generation on the machine by watching the
|
||||||
|
counter.
|
||||||
|
Default is 0 (sequential IP IDs).
|
||||||
|
IPv6 flow IDs and fragment IDs are always random.
|
||||||
.El
|
.El
|
||||||
.Sh SEE ALSO
|
.Sh SEE ALSO
|
||||||
.Xr ioctl 2 ,
|
.Xr ioctl 2 ,
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user