o Document net.inet.ip.random_id sysctl.

Reviewed by: dwmalone, ru
author: maxim <maxim@FreeBSD.org> 2004-08-15 17:32:31 +0000
committer: maxim <maxim@FreeBSD.org> 2004-08-15 17:32:31 +0000
commit: 1bc83c65df30af29aa6b7bf485ce28a801b025c6 (patch)
tree: 76828026aba014e1291b1790883f9b0292dc35ba /share/man/man4/inet.4
parent: 4dd05c8c572e558551ca8d6bdb39b3eabc191751 (diff)
download: FreeBSD-src-1bc83c65df30af29aa6b7bf485ce28a801b025c6.zip
FreeBSD-src-1bc83c65df30af29aa6b7bf485ce28a801b025c6.tar.gz
1 files changed, 12 insertions, 1 deletions
diff --git a/share/man/man4/inet.4 b/share/man/man4/inet.4
index cc5881e..1cf0220 100644
--- a/share/man/man4/inet.4
+++ b/share/man/man4/inet.4
@@ -32,7 +32,7 @@
 .\"     From: @(#)inet.4	8.1 (Berkeley) 6/5/93
 .\" $FreeBSD$
 .\"
-.Dd July 2, 2004
+.Dd August 15, 2004
 .Dt INET 4
 .Os
 .Sh NAME
@@ -288,6 +288,17 @@ This
 .Xr sysctl 8
 variable affects packets destined for a local host as well as packets
 forwarded to some other host.
+.It Va ip.random_id
+Boolean: control IP IDs generation behaviour.
+Setting this
+.Xr sysctl 8
+to non-zero causes the ID field in IP packets to be randomized instead of
+incremented by 1 with each packet generated.
+This closes a minor information leak which allows remote observers to
+determine the rate of packet generation on the machine by watching the
+counter.
+Default is 0 (sequential IP IDs).
+IPv6 flow IDs and fragment IDs are always random.
 .El
 .Sh SEE ALSO
 .Xr ioctl 2 ,
author	maxim <maxim@FreeBSD.org>	2004-08-15 17:32:31 +0000
committer	maxim <maxim@FreeBSD.org>	2004-08-15 17:32:31 +0000
commit	1bc83c65df30af29aa6b7bf485ce28a801b025c6 (patch)
tree	76828026aba014e1291b1790883f9b0292dc35ba /share/man/man4/inet.4
parent	4dd05c8c572e558551ca8d6bdb39b3eabc191751 (diff)
download	FreeBSD-src-1bc83c65df30af29aa6b7bf485ce28a801b025c6.zip FreeBSD-src-1bc83c65df30af29aa6b7bf485ce28a801b025c6.tar.gz