d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a9c9684163
freebsd-nq/sys
History
Jonathan Lemon a9c9684163 Extend the SYN DoS defense by adding syncookies to the syncache. 
All TCP ISNs that are sent out are valid cookies, which allows entries
in the syncache to be dropped and still have the ACK accepted later.
As all entries pass through the syncache, there is no sudden switchover
from cache -> cookies when the cache is full; instead, syncache entries
simply have a reduced lifetime.  More details may be found in the
"Resisting DoS attacks with a SYN cache" paper in the Usenix BSDCon 2002
conference proceedings.

Sponsored by: DARPA, NAI Labs
2001-12-19 06:12:14 +00:00
..
alpha Merge part of revision 1.18 of sys/i386/linux/linux_machdep.c: don't use 2001-12-18 18:50:02 +00:00
amd64 Axe stale extern for a non-existent variable. 2001-12-18 22:42:09 +00:00
arm We need machine/{signal,ucontext}.h to build a cross GCC compiler. 2001-12-09 19:39:49 +00:00
boot mdoc(7) police: remove hard sentence break which I didn't 2001-12-14 09:06:11 +00:00
cam o Add KLD support for scsi_low. 2001-12-15 12:32:23 +00:00
coda Update to C99, s/__FUNCTION__/__func__/, 2001-12-10 08:09:49 +00:00
compat Update to C99, s/__FUNCTION__/__func__/, 2001-12-10 08:09:49 +00:00
conf MFi386: options.i386 revision 1.162 2001-12-16 09:04:08 +00:00
contrib Fix initialisation of struct nat entry, to solve a panic that occurs 2001-12-05 10:46:24 +00:00
crypto fixed the cast128 calculation with a short cipher key length. 2001-11-27 14:11:47 +00:00
ddb Implement a "kill" DDB command which is an interface to psignal() that 2001-11-27 19:56:28 +00:00
dev Display the right message for the SiS 645 chipset. 2001-12-19 01:53:11 +00:00
fs Add module dependency on libmchain. 2001-12-13 13:08:34 +00:00
geom Return EOPNOTSUPP for unknown module events. 2001-11-17 00:46:08 +00:00
gnu Update to C99, s/__FUNCTION__/__func__/, 2001-12-10 08:09:49 +00:00
i4b Update to C99, s/__FUNCTION__/__func__/, 2001-12-10 08:09:49 +00:00
i386 Axe stale extern for a non-existent variable. 2001-12-18 22:42:09 +00:00
ia64 Modify the critical section API as follows: 2001-12-18 00:27:18 +00:00
isa Change the test for _MACHINE_ARCH == i386 into #ifdef __i386__ since it 2001-12-18 22:16:33 +00:00
isofs/cd9660 Fix mounting root from a ISO9660 filesystem on a SCSI CDROM. 2001-11-27 03:55:43 +00:00
kern Do not initialize static/global variables to 0. Use bss instead of 2001-12-19 01:35:18 +00:00
libkern rcsid[]->__FBSDID 2001-11-07 19:55:16 +00:00
modules Add modules of scsi_low based SCSI drivers ncv, nsp, stg, and common 2001-12-15 12:44:38 +00:00
net Initalize ifq_maxlen to prevent a harmless warning message. 2001-12-17 07:49:34 +00:00
netatalk Give struct socket structures a ref counting interface similar to 2001-11-17 03:07:11 +00:00
netatm Give struct socket structures a ref counting interface similar to 2001-11-17 03:07:11 +00:00
netgraph Typo. 2001-12-15 20:53:15 +00:00
netinet Extend the SYN DoS defense by adding syncookies to the syncache. 2001-12-19 06:12:14 +00:00
netinet6 Back out cometic changes. This is for easily syncing with KAME in other BSDs. 2001-12-17 18:13:12 +00:00
netipx Give struct socket structures a ref counting interface similar to 2001-11-17 03:07:11 +00:00
netkey Newer SA is prefered for a out-bound packet than old one 2001-12-05 05:40:49 +00:00
netnatm Give struct socket structures a ref counting interface similar to 2001-11-17 03:07:11 +00:00
netncp Update to C99, s/__FUNCTION__/__func__/, 2001-12-10 08:09:49 +00:00
netns Give struct socket structures a ref counting interface similar to 2001-11-17 03:07:11 +00:00
netsmb Update to C99, s/__FUNCTION__/__func__/, 2001-12-10 08:09:49 +00:00
nfs Avoid passing the variable `tl' to functions that just use it for 2001-12-18 01:22:09 +00:00
nfsclient Avoid passing the variable `tl' to functions that just use it for 2001-12-18 01:22:09 +00:00
nfsserver Avoid passing the variable `tl' to functions that just use it for 2001-12-18 01:22:09 +00:00
pc98 Merged from sys/isa/{fd.c,fdreg.h} revisions 1.222 and 1.15, respectively. 2001-12-16 09:00:03 +00:00
pccard Better error message when cardtype is not recognized 2001-11-13 06:46:19 +00:00
pci Fix a problem where stats overflow interrupts would cause 2001-12-17 22:24:19 +00:00
posix4 KSE Milestone 2 2001-09-12 08:38:13 +00:00
powerpc Modify the critical section API as follows: 2001-12-18 00:27:18 +00:00
rpc
security/lomac Split out NAI Labs license and BSD license to prevent the accidental 2001-12-03 00:21:18 +00:00
sparc64 Modify the critical section API as follows: 2001-12-18 00:27:18 +00:00
svr4
sys Make RFPPWAIT a kernel-only flag. Programs desiring this feature should 2001-12-19 00:55:13 +00:00
tools Move from using PCCARD_ symbols gereated from this file to using PCMCIA_ 2001-11-11 20:15:06 +00:00
ufs Change the atomic_set_char to atomic_set_int and atomic_clear_char 2001-12-18 18:05:17 +00:00
vm This fixes a large number of bugs in our NFS client side code. A recent 2001-12-14 01:16:57 +00:00
Makefile