DragonFly submit List (threaded) for 2005-08
[PATCH] turn RANDOM_IP_ID into a sysctl
Hi,
the following patch turns RANDOM_IP_ID into a sysctl tunable.
http://generic.0xfce3.net/dragonflybsd/20050810-randomipid.patch
regards,
Gordon
Index: sys/conf/options
===================================================================
RCS file: /home/dcvs/src/sys/conf/options,v
retrieving revision 1.39
diff -u -r1.39 options
--- sys/conf/options 1 Aug 2005 20:11:18 -0000 1.39
+++ sys/conf/options 10 Aug 2005 11:58:49 -0000
@@ -314,7 +314,6 @@
PPP_BSDCOMP opt_ppp.h
PPP_DEFLATE opt_ppp.h
PPP_FILTER opt_ppp.h
-RANDOM_IP_ID
SLIP_IFF_OPTS opt_slip.h
TCPDEBUG
TCP_DROP_SYNFIN opt_tcp_input.h
Index: sys/i386/conf/LINT
===================================================================
RCS file: /home/dcvs/src/sys/i386/conf/LINT,v
retrieving revision 1.57
diff -u -r1.57 LINT
--- sys/i386/conf/LINT 1 Aug 2005 20:11:18 -0000 1.57
+++ sys/i386/conf/LINT 10 Aug 2005 11:58:01 -0000
@@ -626,13 +626,6 @@
# test cases.
options MBUF_STRESS_TEST
-# RANDOM_IP_ID causes the ID field in IP packets to be randomized
-# instead of incremented by 1 with each packet generated. This
-# option closes a minor information leak which allows remote
-# observers to determine the rate of packet generation on the
-# machine by watching the counter.
-options RANDOM_IP_ID
-
# Statically link in accept filters
options ACCEPT_FILTER_DATA
options ACCEPT_FILTER_HTTP
Index: sys/net/ip_mroute/Makefile
===================================================================
RCS file: /home/dcvs/src/sys/net/ip_mroute/Makefile,v
retrieving revision 1.3
diff -u -r1.3 Makefile
--- sys/net/ip_mroute/Makefile 15 Aug 2003 07:03:10 -0000 1.3
+++ sys/net/ip_mroute/Makefile 10 Aug 2005 12:00:39 -0000
@@ -3,14 +3,11 @@
. PATH: ${.CURDIR}/../../netinet
KMOD= ip_mroute
-SRCS= ip_mroute.c opt_mrouting.h opt_random_ip_id.h
+SRCS= ip_mroute.c opt_mrouting.h
NOMAN=
CFLAGS+= -DMROUTE_LKM -DMROUTING
opt_mrouting.h:
echo "#define MROUTING 1" > ${.TARGET}
-opt_random_ip_id.h:
- echo > ${.TARGET}
-
. include <bsd.kmod.mk>
Index: sys/net/ip_mroute/ip_mroute.c
===================================================================
RCS file: /home/dcvs/src/sys/net/ip_mroute/ip_mroute.c,v
retrieving revision 1.17
diff -u -r1.17 ip_mroute.c
--- sys/net/ip_mroute/ip_mroute.c 15 Jun 2005 18:29:30 -0000
1.17
+++ sys/net/ip_mroute/ip_mroute.c 10 Aug 2005 12:07:35 -0000
@@ -22,7 +22,6 @@
*/
#include "opt_mrouting.h"
-#include "opt_random_ip_id.h"
#ifdef PIM
#define _PIM_VT 1
@@ -1675,11 +1674,7 @@
*/
ip_copy = mtod(mb_copy, struct ip *);
*ip_copy = multicast_encap_iphdr;
-#ifdef RANDOM_IP_ID
- ip_copy->ip_id = ip_randomid();
-#else
- ip_copy->ip_id = htons(ip_id++);
-#endif
+ ip_copy->ip_id = ip_newid();
ip_copy->ip_len += len;
ip_copy->ip_src = vifp->v_lcl_addr;
ip_copy->ip_dst = vifp->v_rmt_addr;
@@ -2977,11 +2972,7 @@
*/
ip_outer = mtod(mb_first, struct ip *);
*ip_outer = pim_encap_iphdr;
-#ifdef RANDOM_IP_ID
- ip_outer->ip_id = ip_randomid();
-#else
- ip_outer->ip_id = htons(ip_id++);
-#endif
+ ip_outer->ip_id = ip_newid();
ip_outer->ip_len = len + sizeof(pim_encap_iphdr) +
sizeof(pim_encap_pimhdr);
ip_outer->ip_src = viftable[vifi].v_lcl_addr;
ip_outer->ip_dst = rt->mfc_rp;
Index: sys/netinet/ip_id.c
===================================================================
RCS file: /home/dcvs/src/sys/netinet/ip_id.c,v
retrieving revision 1.4
diff -u -r1.4 ip_id.c
--- sys/netinet/ip_id.c 21 Dec 2004 02:54:15 -0000 1.4
+++ sys/netinet/ip_id.c 10 Aug 2005 12:02:01 -0000
@@ -58,13 +58,11 @@
* This avoids reuse issues caused by reseeding.
*/
-#include "opt_random_ip_id.h"
#include <sys/param.h>
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/random.h>
-#ifdef RANDOM_IP_ID
#define RU_OUT 180 /* Time after wich will be reseeded */
#define RU_MAX 30000 /* Uniq cycle, avoid blackjack prediction */
#define RU_GEN 2 /* Starting generator */
@@ -207,5 +205,3 @@
return (ru_seed ^ pmod(ru_g,ru_seed2 ^ ru_x,RU_N)) | ru_msb;
}
-
-#endif /* RANDOM_IP_ID */
Index: sys/netinet/ip_input.c
===================================================================
RCS file: /home/dcvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.55
diff -u -r1.55 ip_input.c
--- sys/netinet/ip_input.c 17 Jun 2005 19:12:20 -0000 1.55
+++ sys/netinet/ip_input.c 10 Aug 2005 15:06:33 -0000
@@ -94,7 +94,6 @@
#include "opt_ipfilter.h"
#include "opt_ipstealth.h"
#include "opt_ipsec.h"
-#include "opt_random_ip_id.h"
#include <sys/param.h>
#include <sys/systm.h>
@@ -196,6 +195,10 @@
&ip_sendsourcequench, 0,
"Enable the transmission of source quench packets");
+int ip_do_randomid = 0;
+SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW,
+ &ip_do_randomid, 0,
+ "Assign random ip_id values");
/*
* XXX - Setting ip_checkinterface mostly implements the receive side of
* the Strong ES model described in RFC 1122, but since the routing table
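Review bot: `ip_do_randomid` is initialised to 0, so after this patch every kernel emits sequential IP IDs until an administrator sets `net.inet.ip.random_id`, including configurations that were previously built with `options RANDOM_IP_ID`. That quietly reopens the packet-rate information leak described in the LINT comment this patch removes. Either default to the hardened setting, `int ip_do_randomid = 1;`, or state the change of default explicitly in the commit message and release notes. The description string could also name the trade-off, for example `"Assign random ip_id values (0 = sequential counter)"`.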
@@ -370,9 +373,7 @@
maxnipq = nmbclusters / 32;
maxfragsperpacket = 16;
-#ifndef RANDOM_IP_ID
ip_id = time_second & 0xffff;
-#endif
ipintrq.ifq_maxlen = ipqmaxlen;
/*
Index: sys/netinet/ip_output.c
===================================================================
RCS file: /home/dcvs/src/sys/netinet/ip_output.c,v
retrieving revision 1.31
diff -u -r1.31 ip_output.c
--- sys/netinet/ip_output.c 17 Jun 2005 19:12:20 -0000 1.31
+++ sys/netinet/ip_output.c 10 Aug 2005 12:09:15 -0000
@@ -38,7 +38,6 @@
#include "opt_ipdivert.h"
#include "opt_ipfilter.h"
#include "opt_ipsec.h"
-#include "opt_random_ip_id.h"
#include "opt_mbuf_stress_test.h"
#include <sys/param.h>
@@ -210,11 +209,7 @@
if (!(flags & (IP_FORWARDING|IP_RAWOUTPUT))) {
ip->ip_vhl = IP_MAKE_VHL(IPVERSION, hlen >> 2);
ip->ip_off &= IP_DF;
-#ifdef RANDOM_IP_ID
- ip->ip_id = ip_randomid();
-#else
- ip->ip_id = htons(ip_id++);
-#endif
+ ip->ip_id = ip_newid();
ipstat.ips_localout++;
} else {
hlen = IP_VHL_HL(ip->ip_vhl) << 2;
Index: sys/netinet/ip_var.h
===================================================================
RCS file: /home/dcvs/src/sys/netinet/ip_var.h,v
retrieving revision 1.16
diff -u -r1.16 ip_var.h
--- sys/netinet/ip_var.h 18 Apr 2005 14:26:57 -0000 1.16
+++ sys/netinet/ip_var.h 10 Aug 2005 14:47:01 -0000
@@ -158,9 +158,7 @@
struct sockopt;
struct lwkt_port;
-#ifndef RANDOM_IP_ID
extern u_short ip_id; /* ip packet ctr, for ids */
-#endif
extern int ip_defttl; /* default IP ttl */
extern int ipforwarding; /* ip forwarding */
extern struct route ipforward_rt; /* ip forwarding cached
route */
@@ -195,10 +193,7 @@
struct mbuf *
ip_srcroute(void);
void ip_stripoptions(struct mbuf *);
-#ifdef RANDOM_IP_ID
-u_int16_t
- ip_randomid(void);
-#endif
+u_int16_t ip_randomid(void);
int rip_ctloutput(struct socket *, struct sockopt *);
void rip_ctlinput(int, struct sockaddr *, void *);
void rip_init(void);
@@ -223,6 +218,18 @@
void in_delayed_cksum(struct mbuf *m);
+static __inline uint16_t ip_newid(void);
+extern int ip_do_randomid;
+
+static __inline uint16_t
+ip_newid(void)
+{
+ if (ip_do_randomid)
+ return ip_randomid();
+
+ return htons(ip_id++);
+}
+
#endif /* _KERNEL */
#endif /* !_NETINET_IP_VAR_H_ */
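Review bot: `ip_newid()` has no comment, and this patch deletes the LINT text that was the only explanation of why the ID is randomised. A short block comment above the definition should say that it returns the next IPv4 identification value ready to store in `ip_id`, taken from `ip_randomid()` when `ip_do_randomid` is non-zero and otherwise from the global `ip_id` counter, whose sequential values let remote observers infer the packet generation rate. The forward declaration `static __inline uint16_t ip_newid(void);` is redundant because the definition follows immediately, and the return type is spelled `uint16_t` here but `u_int16_t` on the `ip_randomid()` prototype earlier in the same header. `ip_id++` remains an unsynchronised read-modify-write on a global, as in the old code; whether concurrent senders can produce duplicate IDs is not visible from this hunk.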
Index: sys/netinet/raw_ip.c
===================================================================
RCS file: /home/dcvs/src/sys/netinet/raw_ip.c,v
retrieving revision 1.22
diff -u -r1.22 raw_ip.c
--- sys/netinet/raw_ip.c 2 Jun 2005 23:52:42 -0000 1.22
+++ sys/netinet/raw_ip.c 10 Aug 2005 12:13:49 -0000
@@ -37,7 +37,6 @@
#include "opt_inet6.h"
#include "opt_ipsec.h"
-#include "opt_random_ip_id.h"
#include <sys/param.h>
#include <sys/systm.h>
@@ -297,11 +296,7 @@
return EINVAL;
}
if (ip->ip_id == 0)
-#ifdef RANDOM_IP_ID
- ip->ip_id = ip_randomid();
-#else
- ip->ip_id = htons(ip_id++);
-#endif
+ ip->ip_id = ip_newid();
/* XXX prevent ip_output from overwriting header fields */
flags |= IP_RAWOUTPUT;
ipstat.ips_rawout++;
Index: sys/netproto/ipsec/xform_ipip.c
===================================================================
RCS file: /home/dcvs/src/sys/netproto/ipsec/xform_ipip.c,v
retrieving revision 1.11
diff -u -r1.11 xform_ipip.c
--- sys/netproto/ipsec/xform_ipip.c 10 Jun 2005 23:59:31 -0000
1.11
+++ sys/netproto/ipsec/xform_ipip.c 10 Aug 2005 12:17:12 -0000
@@ -42,7 +42,6 @@
*/
#include "opt_inet.h"
#include "opt_inet6.h"
-#include "opt_random_ip_id.h"
#include <sys/param.h>
#include <sys/systm.h>
@@ -450,11 +449,7 @@
ipo->ip_src = saidx->src.sin.sin_addr;
ipo->ip_dst = saidx->dst.sin.sin_addr;
-#ifdef RANDOM_IP_ID
- ipo->ip_id = ip_randomid();
-#else
- ipo->ip_id = htons(ip_id++);
-#endif
+ ipo->ip_id = ip_newid();
/* If the inner protocol is IP... */
if (tp == IPVERSION) {
--
Gordon Bergling <GBergling at 0xfce3.net> http://www.0xFCE3.net/
PGP Fingerprint: 7732 9BB1 5013 AE8B E42C 28E0 93B9 D32B C76F 02A0
RIPE-HDL: MDTP-RIPE "There is no place like 127.0.0.0/8"