freebsd-skq/sys/netinet
Paul Saab e891d82b56 Add limits on the number of elements in the sack scoreboard both
per-connection and globally. This eliminates potential DoS attacks
where SACK scoreboard elements tie up too much memory.

Submitted by:	Raja Mukerji (raja at moselle dot com).
Reviewed by:	Mohan Srinivasan (mohans at yahoo-inc dot com).
2005-03-09 23:14:10 +00:00
..
libalias Fix a problem in the Skinny ALG where a specially crafted packet could cause 2005-03-03 03:06:37 +00:00
accf_data.c add missing #include <sys/module.h> 2004-05-30 20:27:19 +00:00
accf_http.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
icmp6.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
icmp_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
if_atm.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
if_atm.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
if_ether.c Make ARP do not complain about wrong interface if correct interface 2005-03-09 10:00:01 +00:00
if_ether.h Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
igmp_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
igmp.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
igmp.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_cksum.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_gif.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_gif.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_pcb.c We can make code simplier after last change. 2005-02-22 08:35:24 +00:00
in_pcb.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_proto.c Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
in_rmx.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_systm.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in.h Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
ip6.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_carp.c Fix typo. Unbreak build. Take pointy hat. 2005-03-02 09:11:18 +00:00
ip_carp.h Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
ip_divert.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_divert.h Convert IPDIVERT into a loadable module. This makes use of the dynamic loadability 2004-10-19 21:14:57 +00:00
ip_dummynet.c Use NET_CALLOUT_MPSAFE macro. 2005-03-01 12:01:17 +00:00
ip_dummynet.h - Reduce number of arguments passed to dummynet_io(), we already have cookie 2005-01-16 11:13:18 +00:00
ip_ecn.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_ecn.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_encap.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_encap.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_fastfwd.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_fw2.c Use NET_CALLOUT_MPSAFE macro. 2005-03-01 12:01:17 +00:00
ip_fw_pfil.c Add a ng_ipfw node, implementing a quick and simple interface between 2005-02-05 12:06:33 +00:00
ip_fw.h Add a ng_ipfw node, implementing a quick and simple interface between 2005-02-05 12:06:33 +00:00
ip_gre.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_gre.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_icmp.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_icmp.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_id.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_input.c fix potential invalid index into ip_protox array 2005-02-23 00:38:12 +00:00
ip_mroute.c Use NET_CALLOUT_MPSAFE macro. 2005-03-01 12:01:17 +00:00
ip_mroute.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_output.c Bring back the full packet destination manipulation for 'ipfw fwd' 2005-02-22 17:40:40 +00:00
ip_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ipprotosw.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
pim_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
pim.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
raw_ip.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_debug.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_debug.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_fsm.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_hostcache.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_input.c Remove 2 (SACK) fields from the tcpcb. These are only used by a 2005-02-17 23:04:56 +00:00
tcp_output.c Fix a TCP SACK related crash resulting from incorrect computation 2005-01-12 21:40:51 +00:00
tcp_reass.c Remove 2 (SACK) fields from the tcpcb. These are only used by a 2005-02-17 23:04:56 +00:00
tcp_sack.c Add limits on the number of elements in the sack scoreboard both 2005-03-09 23:14:10 +00:00
tcp_seq.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_subr.c Use NET_CALLOUT_MPSAFE macro. 2005-03-01 12:01:17 +00:00
tcp_syncache.c Use NET_CALLOUT_MPSAFE macro. 2005-03-01 12:01:17 +00:00
tcp_timer.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_timer.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_timewait.c Use NET_CALLOUT_MPSAFE macro. 2005-03-01 12:01:17 +00:00
tcp_usrreq.c In the current world order, solisten() implements the state transition of 2005-02-21 21:58:17 +00:00
tcp_var.h Add limits on the number of elements in the sack scoreboard both 2005-03-09 23:14:10 +00:00
tcp.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcpip.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
udp_usrreq.c In in_pcbconnect_setup() jailed sockets are treated specially: if local 2005-02-22 07:50:02 +00:00
udp_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
udp.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00