d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a8eb16c5ea
freebsd-dev/sys/netinet
History
Andre Oppermann 936cd18dad Add socketoption IP_MINTTL. May be used to set the minimum acceptable 
TTL a packet must have when received on a socket.  All packets with a
lower TTL are silently dropped.  Works on already connected/connecting
and listening sockets for RAW/UDP/TCP.

This option is only really useful when set to 255 preventing packets
from outside the directly connected networks reaching local listeners
on sockets.

Allows userland implementation of 'The Generalized TTL Security Mechanism
(GTSM)' according to RFC3682.  Examples of such use include the Cisco IOS
BGP implementation command "neighbor ttl-security".

MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 16:13:08 +00:00
..
libalias Libalias incorrectly applies proxy rules to the global divert 2005-06-27 22:21:42 +00:00
accf_data.c
accf_http.c
icmp6.h scope cleanup. with this change 2005-07-25 12:31:43 +00:00
icmp_var.h
if_atm.c Add NATM_LOCK() and NATM_UNLOCK() in places where npcb_add() and 2005-08-12 02:38:20 +00:00
if_atm.h
if_ether.c o Fix a race between three threads: output path, 2005-08-11 08:25:48 +00:00
if_ether.h
igmp_var.h
igmp.c Introduce in_multi_mtx, which will protect IPv4-layer multicast address 2005-08-03 19:29:47 +00:00
igmp.h
in_cksum.c
in_gif.c Fix IP(v6) over IP tunneling most likely broken with ifnet changes. 2005-06-20 08:39:30 +00:00
in_gif.h
in_pcb.c Remove no-op spl references in in_pcb.c, since in_pcb locking has been 2005-07-19 12:24:27 +00:00
in_pcb.h Add socketoption IP_MINTTL. May be used to set the minimum acceptable 2005-08-22 16:13:08 +00:00
in_proto.c Match IPv6 and use a static struct pr_usrreqs nousrreqs. 2005-08-10 06:41:04 +00:00
in_rmx.c
in_systm.h
in_var.h Introduce in_multi_mtx, which will protect IPv4-layer multicast address 2005-08-03 19:29:47 +00:00
in.c In order to support CARP interfaces kernel was taught to handle more 2005-08-18 10:34:30 +00:00
in.h Add socketoption IP_MINTTL. May be used to set the minimum acceptable 2005-08-22 16:13:08 +00:00
ip6.h move RFC3542 related definitions into ip6.h. 2005-07-20 10:30:52 +00:00
ip_carp.c Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and 2005-08-09 10:20:02 +00:00
ip_carp.h
ip_divert.c In div_output() explicitly set m->m_nextpkt to NULL. If divert socket 2005-05-13 11:44:37 +00:00
ip_divert.h
ip_dummynet.c Add dummynet(4) support to if_bridge, this code is largely based on bridge.c. 2005-06-10 01:25:22 +00:00
ip_dummynet.h Add dummynet(4) support to if_bridge, this code is largely based on bridge.c. 2005-06-10 01:25:22 +00:00
ip_ecn.c
ip_ecn.h
ip_encap.c
ip_encap.h
ip_fastfwd.c Handle pure layer 2 broad- and multicasts properly and simplify related 2005-08-22 12:06:26 +00:00
ip_fw2.c Fix broken build of rev. 1.108 in case of no INET6 and IPFIREWALL 2005-08-14 18:20:33 +00:00
ip_fw_pfil.c Add IPv6 support to IPFW and Dummynet. 2005-04-18 18:35:05 +00:00
ip_fw.h * Add dynamic sysctl for net.inet6.ip6.fw. 2005-08-13 11:02:34 +00:00
ip_gre.c Add support for IPv6 over GRE [1]. PR kern/80340 includes the 2005-08-01 08:14:21 +00:00
ip_gre.h
ip_icmp.c Always quote the entire TCP header when responding and allocate an mbuf 2005-08-22 14:12:18 +00:00
ip_icmp.h Pass icmp_error() the MTU argument directly instead of 2005-05-04 13:09:19 +00:00
ip_id.c
ip_input.c Introduce in_multi_mtx, which will protect IPv4-layer multicast address 2005-08-03 19:29:47 +00:00
ip_mroute.c Add back missing copyright and license statement. This is identical 2005-06-23 18:42:58 +00:00
ip_mroute.h
ip_output.c Add socketoption IP_MINTTL. May be used to set the minimum acceptable 2005-08-22 16:13:08 +00:00
ip_var.h Check the alignment of the IP header before passing the packet up to the 2005-07-02 23:13:31 +00:00
ip.h
ipprotosw.h
pim_var.h Remove public declarations of variables that were forgotten when they were 2005-08-10 07:10:02 +00:00
pim.h
raw_ip.c Add socketoption IP_MINTTL. May be used to set the minimum acceptable 2005-08-22 16:13:08 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c
tcp_input.c Add socketoption IP_MINTTL. May be used to set the minimum acceptable 2005-08-22 16:13:08 +00:00
tcp_output.c Replace t_force with a t_flag (TF_FORCEDATA). 2005-05-21 00:38:29 +00:00
tcp_reass.c Add socketoption IP_MINTTL. May be used to set the minimum acceptable 2005-08-22 16:13:08 +00:00
tcp_sack.c - Postpone SACK option processing until after PAWS checks. SACK option 2005-06-27 22:27:42 +00:00
tcp_seq.h - Tighten up the Timestamp checks to prevent a spoofed segment from 2005-04-10 05:24:59 +00:00
tcp_subr.c recover the line which was wrongly disappeared during scope cleanup. 2005-08-01 12:08:49 +00:00
tcp_syncache.c Remove no-op spl's and most comment references to spls, as TCP locking 2005-07-19 12:21:26 +00:00
tcp_timer.c Remove no-op spl's and most comment references to spls, as TCP locking 2005-07-19 12:21:26 +00:00
tcp_timer.h
tcp_timewait.c recover the line which was wrongly disappeared during scope cleanup. 2005-08-01 12:08:49 +00:00
tcp_usrreq.c scope cleanup. with this change 2005-07-25 12:31:43 +00:00
tcp_var.h - Postpone SACK option processing until after PAWS checks. SACK option 2005-06-27 22:27:42 +00:00
tcp.h Rewrite of tcp_sack_option(). Kentaro Kurahone (NetBSD) pointed out 2005-05-23 19:22:48 +00:00
tcpip.h
udp_usrreq.c Add socketoption IP_MINTTL. May be used to set the minimum acceptable 2005-08-22 16:13:08 +00:00
udp_var.h
udp.h