d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/sys/netinet
History
andre d4f49f008f Add the option versrcreach to verify that a valid route to the 
source address of a packet exists in the routing table.  The
default route is ignored because it would match everything and
render the check pointless.

This option is very useful for routers with a complete view of
the Internet (BGP) in the routing table to reject packets with
spoofed or unrouteable source addresses.

Example:

 ipfw add 1000 deny ip from any to any not versrcreach

also known in Cisco-speak as:

  ip verify unicast source reachable-via any

Reviewed by:	luigi
2004-04-23 14:28:38 +00:00
..
libalias
Unbreak natd.
2004-04-02 17:57:57 +00:00
accf_data.c
Remove so*_locked(), which were backed out by mistake.
2002-06-18 07:42:02 +00:00
accf_http.c
Remove so*_locked(), which were backed out by mistake.
2002-06-18 07:42:02 +00:00
icmp6.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
icmp_var.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
if_atm.c
replace explicit changes to rt_refcnt by RT_ADDREF and RT_REMREF
2003-11-08 23:36:32 +00:00
if_atm.h
if_ether.c
Replace Bcopy with 'the real thing' as in the rest of the file.
2004-04-18 11:45:49 +00:00
if_ether.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
igmp_var.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
igmp.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
igmp.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
in_cksum.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
in_gif.c
In an effort to simplify the routing code, try to deprecate rtalloc()
2004-04-14 01:13:14 +00:00
in_gif.h
- fix typo in comment.
2003-10-07 17:46:18 +00:00
in_pcb.c
Take out an unneeded variable I forgot to remove in the last commit,
2004-04-22 08:34:55 +00:00
in_pcb.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
in_proto.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
in_rmx.c
Introduce tcp_hostcache and remove the tcp specific metrics from
2003-11-20 20:07:39 +00:00
in_systm.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
in_var.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
in.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
in.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ip6.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ip_divert.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ip_divert.h
Re-remove MT_TAGs. The problems with dummynet have been fixed now.
2004-02-25 19:55:29 +00:00
ip_dummynet.c
Add some missing DUMMYNET_UNLOCK() in config_pipe().
2004-03-03 01:33:22 +00:00
ip_dummynet.h
Re-remove MT_TAGs. The problems with dummynet have been fixed now.
2004-02-25 19:55:29 +00:00
ip_ecn.c
add ECN support in layer-3.
2003-10-29 15:07:04 +00:00
ip_ecn.h
add ECN support in layer-3.
2003-10-29 15:07:04 +00:00
ip_encap.c
Lock down IP-layer encapsulation library:
2004-03-10 02:48:50 +00:00
ip_encap.h
ip_fastfwd.c
Re-remove MT_TAGs. The problems with dummynet have been fixed now.
2004-02-25 19:55:29 +00:00
ip_fw2.c
Add the option versrcreach to verify that a valid route to the
2004-04-23 14:28:38 +00:00
ip_fw.h
Add the option versrcreach to verify that a valid route to the
2004-04-23 14:28:38 +00:00
ip_gre.c
Lock down global variables in if_gre:
2004-03-22 16:04:43 +00:00
ip_gre.h
de-__P().
2002-10-16 22:27:27 +00:00
ip_icmp.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ip_icmp.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ip_id.c
Tweak existing header and other build infrastructure to be able to build
2004-02-26 03:53:54 +00:00
ip_input.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ip_mroute.c
To comply with the spec, do not copy the TOS from the outer IP
2004-03-08 07:47:27 +00:00
ip_mroute.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ip_output.c
In an effort to simplify the routing code, try to deprecate rtalloc()
2004-04-14 01:13:14 +00:00
ip_var.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ip.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
ipprotosw.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
pim_var.h
New PIM header files.
2003-08-07 18:17:43 +00:00
pim.h
Include <sys/types.h> for autoconf/automake detection.
2004-03-08 07:45:32 +00:00
raw_ip.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_debug.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_debug.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_fsm.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_hostcache.c
Fix a potential race when purging expired hostcache entries.
2004-04-23 13:54:28 +00:00
tcp_input.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_output.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_reass.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_seq.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_subr.c
Enhance our RFC1948 implementation to perform better in some pathlogical
2004-04-20 06:33:39 +00:00
tcp_syncache.c
Reduce 'td' argument to 'cred' (struct ucred) argument in those functions:
2004-03-27 21:05:46 +00:00
tcp_timer.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_timer.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_timewait.c
Enhance our RFC1948 implementation to perform better in some pathlogical
2004-04-20 06:33:39 +00:00
tcp_usrreq.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcp_var.h
Fix a typo in a comment.
2004-04-20 19:04:24 +00:00
tcp.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
tcpip.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
udp_usrreq.c
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
udp_var.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
udp.h
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00