Add ``options RANDOM_IP_ID'' which randomizes the ID field of IP packets.

This closes a minor information leak which allows a remote observer to determine the rate at which the machine is generating packets, since the default behaviour is to increment a counter for each packet sent. Reviewed by: -net Obtained from: OpenBSD
author: kris <kris@FreeBSD.org> 2001-06-01 10:02:28 +0000
committer: kris <kris@FreeBSD.org> 2001-06-01 10:02:28 +0000
commit: e1524eb20ca44614d4942a0b92929a02e67dce44 (patch)
tree: 9bd8aa0fc8cabc5d0cc01510f30e42d4a12277e2 /sys/netinet/ip_mroute.c
parent: 83f8b7087fd25f91158a6a096fad46b33b513773 (diff)
download: FreeBSD-src-e1524eb20ca44614d4942a0b92929a02e67dce44.zip
FreeBSD-src-e1524eb20ca44614d4942a0b92929a02e67dce44.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c
index b6a9fca..62da7dd 100644
--- a/sys/netinet/ip_mroute.c
+++ b/sys/netinet/ip_mroute.c
@@ -13,6 +13,7 @@
  */
 
 #include "opt_mrouting.h"
+#include "opt_random_ip_id.h"
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -1581,7 +1582,11 @@ encap_send(ip, vifp, m)
      */
     ip_copy = mtod(mb_copy, struct ip *);
     *ip_copy = multicast_encap_iphdr;
+#ifdef RANDOM_IP_ID
+    ip_copy->ip_id = ip_randomid();
+#else
     ip_copy->ip_id = htons(ip_id++);
+#endif
     ip_copy->ip_len += len;
     ip_copy->ip_src = vifp->v_lcl_addr;
     ip_copy->ip_dst = vifp->v_rmt_addr;
author	kris <kris@FreeBSD.org>	2001-06-01 10:02:28 +0000
committer	kris <kris@FreeBSD.org>	2001-06-01 10:02:28 +0000
commit	e1524eb20ca44614d4942a0b92929a02e67dce44 (patch)
tree	9bd8aa0fc8cabc5d0cc01510f30e42d4a12277e2 /sys/netinet/ip_mroute.c
parent	83f8b7087fd25f91158a6a096fad46b33b513773 (diff)
download	FreeBSD-src-e1524eb20ca44614d4942a0b92929a02e67dce44.zip FreeBSD-src-e1524eb20ca44614d4942a0b92929a02e67dce44.tar.gz