d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1817be481b
freebsd-dev/sys
History
Gleb Smirnoff 1817be481b Add net.inet6.ip6.source_address_validation 
Drop packets arriving from the network that have our source IPv6
address.  If maliciously crafted they can create evil effects
like an RST exchange between two of our listening TCP ports.
Such packets just can't be legitimate.  Enable the tunable
by default.  Long time due for a modern Internet host.

Reviewed by:		melifaro, donner, kp
Differential revision:	https://reviews.freebsd.org/D32915
2021-11-12 09:01:40 -08:00
..
amd64 Update MINIMAL to have CC options 2021-11-12 09:33:18 -07:00
arm tcp: Congestion control cleanup. 2021-11-11 06:28:18 -05:00
arm64 tcp: Congestion control cleanup. 2021-11-11 06:28:18 -05:00
bsm
cam cam_iosched: Fix a comment 2021-11-08 14:21:08 -07:00
cddl Allow ddb and dtrace use the DMAP region on arm64 2021-10-01 11:27:33 +01:00
compat Regen 2021-11-10 21:18:54 +02:00
conf tcp: Congestion control cleanup. 2021-11-11 06:28:18 -05:00
contrib zfs: merge openzfs/zfs@6c8f03232 (master) into main 2021-11-10 14:22:37 +01:00
crypto ossl: Add support for ETA mode 2021-11-08 10:53:36 +01:00
ddb
dev cxgbe(4): internal knob for flexible control over FEC selection. 2021-11-10 15:16:53 -08:00
dts ipq4018: add a device tree file for the ASUS rt-ac58u router 2021-10-18 19:18:46 +00:00
fs nfscl: Add a LayoutError RPC for NFSv4.2 pNFS mounts 2021-11-11 15:43:58 -08:00
gdb
geom gjournal(8): Fix a typo in a source code comment 2021-11-03 17:14:00 +01:00
gnu
i386 Update MINIMAL to have CC options 2021-11-12 09:33:18 -07:00
isa
kern mbuf: Fix an offset calculation in m_apply_extpg_one() 2021-11-10 16:57:12 -05:00
kgssapi
libkern
mips sched: split sched_ap_entry() out of sched_throw() 2021-11-05 15:45:51 -05:00
modules tcp: Congestion control cleanup. 2021-11-11 06:28:18 -05:00
net if_stf: enable use in vnet jails 2021-11-09 09:39:53 +01:00
net80211 net80211: add a driver-private pointer to struct ieee80211_node 2021-10-31 19:08:28 +00:00
netgraph ng_pptpgre(4): Fix a typo in a source code comment 2021-11-03 17:15:59 +01:00
netinet Add net.inet.ip.source_address_validation 2021-11-12 09:00:33 -08:00
netinet6 Add net.inet6.ip6.source_address_validation 2021-11-12 09:01:40 -08:00
netipsec ipsec: add a lock encompassing SPI allocation 2021-11-03 19:51:40 +00:00
netpfil pf: ensure we populate dyncnt/tblcnt in struct pf_addr_wrap 2021-11-10 11:27:22 +01:00
netsmb
nfs kernel: deprecate Internet Class A/B/C 2021-11-09 09:32:38 -06:00
nfsclient
nfsserver
nlm
ofed socket: De-duplicate SBLOCKWAIT() definitions 2021-09-14 09:01:32 -04:00
opencrypto Drop "All rights reserved" from a Netflix copyright. 2021-11-11 14:41:16 -08:00
powerpc tcp: Congestion control cleanup. 2021-11-11 06:28:18 -05:00
riscv tcp: Congestion control cleanup. 2021-11-11 06:28:18 -05:00
rpc Don't require the socket lock for sorele(). 2021-11-09 10:50:12 -08:00
security
sys Regen 2021-11-10 21:18:54 +02:00
teken
tests
tools ipq4018: add TCSR definitions from Linux. 2021-10-18 19:18:01 +00:00
ufs ufs: remove write-only variables 2021-10-21 21:40:46 +03:00
vm vm_page: Handle VM_ALLOC_NORECLAIM in the contiguous page allocator 2021-11-11 14:26:41 -05:00
x86 Prefer CPUID leaf 1Fh for Intel CPU topology detection. 2021-11-06 00:53:52 -04:00
xdr
xen
Makefile