North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: RFC3514
now that we have first implementation i think it's time for rob thomas to start monitoring who has deployed it and who not :))))) -- deejay > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: 1. apr�la 2003 19:40 > To: [email protected] > Subject: Re: RFC3514 > > > > > > > Well, you weren't taking it seriously, I hope. lol > > > > > > -Jack > > ------------------------- > get it while its hot.... > ----------------- > > Subject: cvs commit: src/sbin/ping ping.8 ping.c src/share/man/man4 > inet.4 ip.4 src/sys/netinet in.h in_pcb.h ip.h ip_input.c > ip_output.c ip_var.h src/usr.bin/netstat inet.c > Date: Tue, 1 Apr 2003 00:21:44 -0800 (PST) > To: [email protected], [email protected], > [email protected] > > mdodd 2003/04/01 00:21:44 PST > > FreeBSD src repository > > Modified files: > sbin/ping ping.8 ping.c > share/man/man4 inet.4 ip.4 > sys/netinet in.h in_pcb.h ip.h ip_input.c ip_output.c > ip_var.h > usr.bin/netstat inet.c > Log: > Implement support for RFC 3514 (The Security Flag in the > IPv4 Header). > (See: ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt) > > This fulfills the host requirements for userland support by > way of the setsockopt() IP_EVIL_INTENT message. > > There are three sysctl tunables provided to govern system behavior. > > net.inet.ip.rfc3514: > > Enables support for rfc3514. As this is an > Informational RFC and support is not yet widespread > this option is disabled by default. > > net.inet.ip.hear_no_evil > > If set the host will discard all received > evil packets. > > net.inet.ip.speak_no_evil > > If set the host will discard all > transmitted evil packets. > > The IP statistics counter 'ips_evil' (available via > 'netstat') provides > information on the number of 'evil' packets recieved. > > For reference, the '-E' option to 'ping' has been provided > to demonstrate > and test the implementation. > > Revision Changes Path > 1.47 +4 -2 src/sbin/ping/ping.8 > 1.92 +13 -1 src/sbin/ping/ping.c > 1.21 +11 -0 src/share/man/man4/inet.4 > 1.29 +9 -0 src/share/man/man4/ip.4 > 1.75 +2 -0 src/sys/netinet/in.h > 1.59 +1 -0 src/sys/netinet/in_pcb.h > 1.22 +1 -0 src/sys/netinet/ip.h > 1.232 +14 -0 src/sys/netinet/ip_input.c > 1.181 +28 -1 src/sys/netinet/ip_output.c > 1.72 +1 -0 src/sys/netinet/ip_var.h > 1.57 +1 -0 src/usr.bin/netstat/inet.c > > > ----- End forwarded message: >
|