d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
649b4336f4
freebsd-skq/sys/netinet
History
andre 649b4336f4 New ipfw option "antispoof": 
For incoming packets, the packet's source address is checked if it
 belongs to a directly connected network.  If the network is directly
 connected, then the interface the packet came on in is compared to
 the interface the network is connected to.  When incoming interface
 and directly connected interface are not the same, the packet does
 not match.

Usage example:

 ipfw add deny ip from any to any not antispoof in

Manpage education by:	ru
2004-08-09 16:12:10 +00:00
..
libalias Fix Skinny and PPTP NAT'ing after the introduction of the {ip,tcp,udp}_next 2004-08-04 15:17:08 +00:00
accf_data.c
accf_http.c
icmp6.h
icmp_var.h
if_atm.c
if_atm.h
if_ether.c
if_ether.h
igmp_var.h
igmp.c
igmp.h
in_cksum.c
in_gif.c
in_gif.h
in_pcb.c Disallow a particular kind of port theft described by the following scenario: 2004-07-28 13:03:07 +00:00
in_pcb.h Now that IPv6 performs basic in6pcb and inpcb locking, enable inpcb 2004-08-04 18:27:55 +00:00
in_proto.c
in_rmx.c
in_systm.h
in_var.h
in.c
in.h
ip6.h
ip_divert.c o Move all parts of the IP reassembly process into the function ip_reass() to 2004-08-03 12:31:38 +00:00
ip_divert.h
ip_dummynet.c Do a pass over all modules in the kernel and make them return EOPNOTSUPP 2004-07-15 08:26:07 +00:00
ip_dummynet.h
ip_ecn.c
ip_ecn.h
ip_encap.c
ip_encap.h
ip_fastfwd.c
ip_fw2.c New ipfw option "antispoof": 2004-08-09 16:12:10 +00:00
ip_fw.h New ipfw option "antispoof": 2004-08-09 16:12:10 +00:00
ip_gre.c
ip_gre.h
ip_icmp.c Define semantic of M_SKIP_FIREWALL more precisely, i.e. also pass associated 2004-07-17 05:10:06 +00:00
ip_icmp.h
ip_id.c
ip_input.c o Move all parts of the IP reassembly process into the function ip_reass() to 2004-08-03 12:31:38 +00:00
ip_mroute.c Fix bug with tracking the previous element in a list. 2004-08-03 02:01:44 +00:00
ip_mroute.h
ip_output.c o Delayed checksums are now calculated in divert_packet() for diverted packets 2004-08-03 14:13:36 +00:00
ip_var.h
ip.h
ipprotosw.h
pim_var.h
pim.h
raw_ip.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c
tcp_input.c After each label in tcp_input(), assert the inpcbinfo and inpcb lock 2004-07-12 19:28:07 +00:00
tcp_output.c Fix a bug in the sack code that was causing data to be retransmitted 2004-07-28 02:15:14 +00:00
tcp_reass.c After each label in tcp_input(), assert the inpcbinfo and inpcb lock 2004-07-12 19:28:07 +00:00
tcp_sack.c
tcp_seq.h
tcp_subr.c Pass pcbinfo structures to in6_pcbnotify() rather than pcbhead 2004-08-06 03:45:45 +00:00
tcp_syncache.c Fix the !INET6 build. 2004-07-17 21:40:14 +00:00
tcp_timer.c
tcp_timer.h
tcp_timewait.c Pass pcbinfo structures to in6_pcbnotify() rather than pcbhead 2004-08-06 03:45:45 +00:00
tcp_usrreq.c compare pointer against NULL, not 0 2004-07-26 21:29:56 +00:00
tcp_var.h The tcp syncache code was leaving the IPv6 flowlabel uninitialised 2004-07-17 19:44:13 +00:00
tcp.h
tcpip.h
udp_usrreq.c When iterating the UDP inpcb list processing an inbound broadcast 2004-08-06 02:08:31 +00:00
udp_var.h
udp.h