freebsd-skq/sys/netinet6
Kris Kennaway 64dddc1872 Add ``options RANDOM_IP_ID'' which randomizes the ID field of IP packets.
This closes a minor information leak which allows a remote observer to
determine the rate at which the machine is generating packets, since the
default behaviour is to increment a counter for each packet sent.

Reviewed by:    -net
Obtained from:  OpenBSD
2001-06-01 10:02:28 +00:00
..
ah6.h
ah_core.c More IP option length validation. 2001-02-26 03:41:13 +00:00
ah_input.c Lock down the network interface queues. The queue mutex must be obtained 2000-11-25 07:35:38 +00:00
ah_output.c More IP option length validation. 2001-02-26 03:41:13 +00:00
ah.h
dest6.c More IP option length validation. 2001-02-26 03:41:13 +00:00
esp6.h
esp_core.c
esp_input.c Lock down the network interface queues. The queue mutex must be obtained 2000-11-25 07:35:38 +00:00
esp_output.c
esp.h
frag6.c Plug memoly leak in overlaps fragment cases. 2001-05-20 15:33:46 +00:00
icmp6.c Convert all users of fldoff() to offsetof(). fldoff() is bad 2000-10-27 11:45:49 +00:00
icmp6.h
in6_cksum.c
in6_gif.c Convert all users of fldoff() to offsetof(). fldoff() is bad 2000-10-27 11:45:49 +00:00
in6_gif.h
in6_ifattach.c on in6_ifdetach(), do not remove default route mistakenly 2001-01-22 13:02:10 +00:00
in6_ifattach.h
in6_pcb.c First step towards an MP-safe zone allocator: 2001-01-21 22:23:11 +00:00
in6_pcb.h
in6_prefix.c do not touch ra_addr if it is NULL. from IIJ SEIL team 2001-01-02 15:17:19 +00:00
in6_prefix.h
in6_proto.c Back out jesper's 2001/05/31 14:58:11 PDT commit. It does not compile. 2001-06-01 09:51:14 +00:00
in6_rmx.c
in6_src.c Yikes, these files bogusly #include "loop.h" but didn't use the value. 2001-01-29 11:28:20 +00:00
in6_var.h Convert if_multiaddrs from LIST to TAILQ so that it can be traversed 2001-02-06 10:12:15 +00:00
in6.c workaround; be sure to initialize nd6 interface information when IPv6 2001-01-18 06:07:53 +00:00
in6.h
ip6_ecn.h
ip6_forward.c Make ip6fw as loadable module. 2000-09-23 18:50:59 +00:00
ip6_fw.c Fix the vulnerability with TCP ECE packets recently fixed in ipfw. 2001-01-23 21:11:28 +00:00
ip6_fw.h Fix the vulnerability with TCP ECE packets recently fixed in ipfw. 2001-01-23 21:11:28 +00:00
ip6_input.c M_COPY_PKTHDR has to be done before MCLGET. 2001-05-22 17:32:02 +00:00
ip6_mroute.c Fix typo: seperate -> separate. 2001-02-06 11:21:58 +00:00
ip6_mroute.h
ip6_output.c Fix memory leak. 2001-05-23 20:41:17 +00:00
ip6_var.h
ip6.h
ip6protosw.h make pr_type type meet with struct protosw. sync with kame 2000-10-03 13:39:49 +00:00
ipcomp6.h
ipcomp_core.c
ipcomp_input.c
ipcomp_output.c
ipcomp.h
ipsec6.h
ipsec.c Add ``options RANDOM_IP_ID'' which randomizes the ID field of IP packets. 2001-06-01 10:02:28 +00:00
ipsec.h
mld6_var.h
mld6.c Convert if_multiaddrs from LIST to TAILQ so that it can be traversed 2001-02-06 10:12:15 +00:00
nd6_nbr.c
nd6_rtr.c
nd6.c Plug several mbuf leaks in error cases (in nd6) 2001-03-11 05:31:45 +00:00
nd6.h Fix typo: compatability -> compatibility. 2001-02-06 12:05:58 +00:00
pim6_var.h
pim6.h
raw_ip6.c * Rename M_WAIT mbuf subsystem flag to M_TRYWAIT. 2000-12-21 21:44:31 +00:00
README
route6.c
scope6_var.h
scope6.c
tcp6_var.h
udp6_output.c Move suser() and suser_xxx() prototypes and a related #define from 2000-10-29 16:06:56 +00:00
udp6_usrreq.c Switch to using a struct xucred instead of a struct xucred when not 2001-02-18 13:30:20 +00:00
udp6_var.h

a note to committers about KAME tree
$FreeBSD$
KAME project


FreeBSD IPv6/IPsec tree is from KAMEproject (http://www.kame.net/).
To synchronize KAME tree and FreeBSD better today and in the future,
please understand the following:

- DO NOT MAKE COSTMETIC CHANGES.
  "Cosmetic changes" here includes tabify, untabify, removal of space at EOL,
  minor KNF items, and whatever adds more output lines on "diff freebsd kame".
  To make future synchronization easier. it is critical to preserve certain
  statements in the code.  Also, as KAME tree supports all 4 BSDs (Free, Open,
  Net, BSD/OS) in single shared tree, it is not always possible to backport
  FreeBSD changes into KAME tree.  So again, please do not make cosmetic
  changes.  Even if you think it a right thing, that will bite KAME guys badly
  during upgrade attempts, and prevent us from synchronizing two trees.
  (you don't usually make cosmetic changes against third-party code, do you?)

- REPORT CHANGES/BUGS TO KAME GUYS.
  It is not always possible for KAME guys to watch all the freebsd mailing
  list traffic, as the traffic is HUGE.  So if possible, please, inform
  kame guys of changes you made in IPv6/IPsec related portion.  Contact
  path would be snap-users@kame.net or KAME PR database on www.kame.net.
  (or to core@kame.net if it is necessary to make it confidential)

Thank you for your cooperation and have a happy IPv6 life!


Note: KAME-origin code is in the following locations.
The above notice applies to corresponding manpages too.
The list may not be complete.  If you see $KAME$ in the code, it is from
KAME distribution.  If you see some file that is IPv6/IPsec related, it is
highly possible that the file is from KAME distribution.

include/ifaddrs.h
lib/libc/net
lib/libc/net/getaddrinfo.c
lib/libc/net/getifaddrs.c
lib/libc/net/getnameinfo.c
lib/libc/net/ifname.c
lib/libc/net/ip6opt.c
lib/libc/net/map_v4v6.c
lib/libc/net/name6.c
lib/libftpio
lib/libipsec
sbin/ip6fw
sbin/ping6
sbin/rtsol
share/doc/IPv6
share/man/man4/ip6.4
share/man/man4/inet6.4
sys/crypto (except sys/crypto/rc4)
sys/kern/uipc_mbuf2.c
sys/net/if_faith.[ch]
sys/net/if_gif.[ch]
sys/net/if_stf.[ch]
sys/net/pfkeyv2.h
sys/netinet/icmp6.h
sys/netinet/in_gif.[ch]
sys/netinet/ip6.h
sys/netinet/ip_encap.[ch]
sys/netinet6
sys/netkey
usr.sbin/faithd
usr.sbin/gifconfig
usr.sbin/ifmcstat
usr.sbin/mld6query
usr.sbin/ndp
usr.sbin/pim6dd
usr.sbin/pim6sd
usr.sbin/prefix
usr.sbin/rip6query
usr.sbin/route6d
usr.sbin/rrenumd
usr.sbin/rtadvd
usr.sbin/rtsold
usr.sbin/scope6config
usr.sbin/setkey
usr.sbin/traceroute6