src - FreeBSD source tree

diff options

author	acazuc <acazuc@acazuc.fr>	2025-03-03 13:21:15 +0000
committer	Gleb Smirnoff <glebius@FreeBSD.org>	2025-03-04 16:45:32 +0000
commit	70703aa922b41faedfd72211633884bb580ceeac (patch)
tree	e14f5d7520eef872dad14449406d24b5ee398c8e /bin/ps/(developers-only)
parent	80b64ef0a10b87ff2f79d1a6e18ecdf3e3bee1b1 (diff)

netinet: allow per protocol random IP id control, single out IPSECHEAD main

A globally enabled random IP id generation maybe useful in most IP contexts, but it may be unnecessary in the case of IPsec encapsulated packets because IPsec can be configured to use anti-replay windows. This commit adds a new net.inet.ipsec.random_id sysctl to control whether or not IPsec packets should use random IP id generation. Rest of the protocols/modules are still controlled by the global net.inet.ip.random_id, but can be easily augmented with a knob. Reviewed by: glebius Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D49164

Diffstat (limited to 'bin/ps/(developers-only)')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: