diff options
| author | Kris Kennaway <kris@FreeBSD.org> | 2001-06-01 10:02:28 +0000 |
|---|---|---|
| committer | Kris Kennaway <kris@FreeBSD.org> | 2001-06-01 10:02:28 +0000 |
| commit | 64dddc18727af4db4a6047ff86291d981f6e9042 (patch) | |
| tree | d14c59a1c770743cba7da931ef380dacafd39381 /sys/netinet/ip_var.h | |
| parent | 25d1a10fa0d91ff48fc30ca9237eba5936205fc8 (diff) | |
| download | src-64dddc18727af4db4a6047ff86291d981f6e9042.tar.gz src-64dddc18727af4db4a6047ff86291d981f6e9042.zip | |
Add ``options RANDOM_IP_ID'' which randomizes the ID field of IP packets.
This closes a minor information leak which allows a remote observer to
determine the rate at which the machine is generating packets, since the
default behaviour is to increment a counter for each packet sent.
Reviewed by: -net
Obtained from: OpenBSD
Notes
Notes:
svn path=/head/; revision=77574
Diffstat (limited to 'sys/netinet/ip_var.h')
| -rw-r--r-- | sys/netinet/ip_var.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index bc8b7978459d..6354d84da527 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -138,7 +138,9 @@ struct route; struct sockopt; extern struct ipstat ipstat; +#ifndef RANDOM_IP_ID extern u_short ip_id; /* ip packet ctr, for ids */ +#endif extern int ip_defttl; /* default IP ttl */ extern int ipforwarding; /* ip forwarding */ extern struct route ipforward_rt; /* ip forwarding cached route */ @@ -164,6 +166,10 @@ void ip_slowtimo __P((void)); struct mbuf * ip_srcroute __P((void)); void ip_stripoptions __P((struct mbuf *, struct mbuf *)); +#ifdef RANDOM_IP_ID +u_int16_t + ip_randomid __P((void)); +#endif int rip_ctloutput __P((struct socket *, struct sockopt *)); void rip_ctlinput __P((int, struct sockaddr *, void *)); void rip_init __P((void)); |