d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ae06dbeeb4
freebsd-dev/sys/netinet
History
silby 8878184942 Temporary feature: Runtime tuneable tcp initial sequence number 
generation scheme.  Users may now select between the currently used
OpenBSD algorithm and the older random positive increment method.

While the OpenBSD algorithm is more secure, it also breaks TIME_WAIT
handling; this is causing trouble for an increasing number of folks.

To switch between generation schemes, one sets the sysctl
net.inet.tcp.tcp_seq_genscheme.  0 = random positive increments,
1 = the OpenBSD algorithm.  1 is still the default.

Once a secure _and_ compatible algorithm is implemented, this sysctl
will be removed.

Reviewed by: jlemon
Tested by: numerous subscribers of -net
2001-07-08 02:20:47 +00:00
..
libalias Fixed the brain-o in rev. 1.10: the logic check was reversed. 2001-06-27 14:11:25 +00:00
accf_data.c
accf_http.c
icmp6.h - Renumber KAME local ICMP types and NDP options numberes beacaues they 2001-06-21 07:08:43 +00:00
icmp_var.h
if_atm.c
if_atm.h
if_ether.c
if_ether.h
if_fddi.h
igmp_var.h
igmp.c Add netstat(1) knob to reset net.inet.{ip|icmp|tcp|udp|igmp}.stats. 2001-06-23 17:17:59 +00:00
igmp.h
in_cksum.c
in_gif.c gif(4) and stf(4) modernization: 2001-07-02 21:02:09 +00:00
in_gif.h gif(4) and stf(4) modernization: 2001-07-02 21:02:09 +00:00
in_hostcache.c
in_hostcache.h
in_pcb.c Backout CSRG revision 7.22 to this file (if in_losing notices an 2001-06-29 12:07:29 +00:00
in_pcb.h
in_proto.c gif(4) and stf(4) modernization: 2001-07-02 21:02:09 +00:00
in_rmx.c
in_systm.h
in_var.h
in.c
in.h
ip6.h
ip_divert.c
ip_dummynet.c
ip_dummynet.h
ip_ecn.c
ip_ecn.h
ip_encap.c
ip_encap.h
ip_flow.c Bring in fix from NetBSD's revision 1.16: 2001-06-26 09:00:50 +00:00
ip_flow.h
ip_fw.c While in there fixing a fragment logging bug, fix it so we log 2001-07-02 15:50:31 +00:00
ip_fw.h
ip_icmp.c Add netstat(1) knob to reset net.inet.{ip|icmp|tcp|udp|igmp}.stats. 2001-06-23 17:17:59 +00:00
ip_icmp.h
ip_id.c
ip_input.c Add netstat(1) knob to reset net.inet.{ip|icmp|tcp|udp|igmp}.stats. 2001-06-23 17:17:59 +00:00
ip_mroute.c
ip_mroute.h
ip_output.c
ip_var.h
ip.h
ipprotosw.h
raw_ip.c
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_input.c Temporary feature: Runtime tuneable tcp initial sequence number 2001-07-08 02:20:47 +00:00
tcp_output.c Eliminate the allocation of a tcp template structure for each 2001-06-23 03:21:46 +00:00
tcp_reass.c Temporary feature: Runtime tuneable tcp initial sequence number 2001-07-08 02:20:47 +00:00
tcp_seq.h Temporary feature: Runtime tuneable tcp initial sequence number 2001-07-08 02:20:47 +00:00
tcp_subr.c Temporary feature: Runtime tuneable tcp initial sequence number 2001-07-08 02:20:47 +00:00
tcp_timer.c Temporary feature: Runtime tuneable tcp initial sequence number 2001-07-08 02:20:47 +00:00
tcp_timer.h
tcp_timewait.c Temporary feature: Runtime tuneable tcp initial sequence number 2001-07-08 02:20:47 +00:00
tcp_usrreq.c Temporary feature: Runtime tuneable tcp initial sequence number 2001-07-08 02:20:47 +00:00
tcp_var.h Temporary feature: Runtime tuneable tcp initial sequence number 2001-07-08 02:20:47 +00:00
tcp.h
tcpip.h
udp_usrreq.c Allow getcred sysctl to work in jailed root processes. Processes can 2001-06-24 12:18:27 +00:00
udp_var.h
udp.h