diff options
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/ip_id.c | 3 | ||||
-rw-r--r-- | sys/netinet/ip_input.c | 8 | ||||
-rw-r--r-- | sys/netinet/ip_mroute.c | 13 | ||||
-rw-r--r-- | sys/netinet/ip_output.c | 7 | ||||
-rw-r--r-- | sys/netinet/ip_var.h | 19 | ||||
-rw-r--r-- | sys/netinet/raw_ip.c | 7 | ||||
-rw-r--r-- | sys/netinet/tcp_syncache.c | 5 | ||||
-rw-r--r-- | sys/netinet/tcp_usrreq.c | 7 |
8 files changed, 23 insertions, 46 deletions
diff --git a/sys/netinet/ip_id.c b/sys/netinet/ip_id.c index 700f731..c8455f8 100644 --- a/sys/netinet/ip_id.c +++ b/sys/netinet/ip_id.c @@ -57,14 +57,12 @@ * This avoids reuse issues caused by reseeding. */ -#include "opt_random_ip_id.h" #include "opt_pf.h" #include <sys/param.h> #include <sys/time.h> #include <sys/kernel.h> #include <sys/random.h> -#if defined(RANDOM_IP_ID) || defined(DEV_PF) #define RU_OUT 180 /* Time after wich will be reseeded */ #define RU_MAX 30000 /* Uniq cycle, avoid blackjack prediction */ #define RU_GEN 2 /* Starting generator */ @@ -209,4 +207,3 @@ ip_randomid(void) return (ru_seed ^ pmod(ru_g,ru_seed2 ^ ru_x,RU_N)) | ru_msb; } -#endif /* RANDOM_IP_ID || DEV_PF */ diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 0d64eff..0ae3c16 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -39,7 +39,6 @@ #include "opt_ipsec.h" #include "opt_mac.h" #include "opt_pfil_hooks.h" -#include "opt_random_ip_id.h" #include <sys/param.h> #include <sys/systm.h> @@ -135,6 +134,11 @@ SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW, &ip_sendsourcequench, 0, "Enable the transmission of source quench packets"); +int ip_do_randomid = 0; +SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW, + &ip_do_randomid, 0, + "Assign random ip_id values"); + /* * XXX - Setting ip_checkinterface mostly implements the receive side of * the Strong ES model described in RFC 1122, but since the routing table @@ -281,9 +285,7 @@ ip_init() maxnipq = nmbclusters / 32; maxfragsperpacket = 16; -#ifndef RANDOM_IP_ID ip_id = time_second & 0xffff; -#endif ipintrq.ifq_maxlen = ipqmaxlen; mtx_init(&ipintrq.ifq_mtx, "ip_inq", NULL, MTX_DEF); netisr_register(NETISR_IP, ip_input, &ipintrq, NETISR_MPSAFE); diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c index 11490c4..57e8db8 100644 --- a/sys/netinet/ip_mroute.c +++ b/sys/netinet/ip_mroute.c @@ -22,7 +22,6 @@ #include "opt_mac.h" #include "opt_mrouting.h" -#include "opt_random_ip_id.h" #ifdef PIM #define _PIM_VT 1 @@ -1884,11 +1883,7 @@ encap_send(struct ip *ip, struct vif *vifp, struct mbuf *m) */ ip_copy = mtod(mb_copy, struct ip *); *ip_copy = multicast_encap_iphdr; -#ifdef RANDOM_IP_ID - ip_copy->ip_id = ip_randomid(); -#else - ip_copy->ip_id = htons(ip_id++); -#endif + ip_copy->ip_id = ip_newid(); ip_copy->ip_len += len; ip_copy->ip_src = vifp->v_lcl_addr; ip_copy->ip_dst = vifp->v_rmt_addr; @@ -3093,11 +3088,7 @@ pim_register_send_rp(struct ip *ip, struct vif *vifp, */ ip_outer = mtod(mb_first, struct ip *); *ip_outer = pim_encap_iphdr; -#ifdef RANDOM_IP_ID - ip_outer->ip_id = ip_randomid(); -#else - ip_outer->ip_id = htons(ip_id++); -#endif + ip_outer->ip_id = ip_newid(); ip_outer->ip_len = len + sizeof(pim_encap_iphdr) + sizeof(pim_encap_pimhdr); ip_outer->ip_src = viftable[vifi].v_lcl_addr; ip_outer->ip_dst = rt->mfc_rp; diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 8f7003c..4946153 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -37,7 +37,6 @@ #include "opt_ipsec.h" #include "opt_mac.h" #include "opt_pfil_hooks.h" -#include "opt_random_ip_id.h" #include "opt_mbuf_stress_test.h" #include <sys/param.h> @@ -216,11 +215,7 @@ ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) { ip->ip_v = IPVERSION; ip->ip_hl = hlen >> 2; -#ifdef RANDOM_IP_ID - ip->ip_id = ip_randomid(); -#else - ip->ip_id = htons(ip_id++); -#endif + ip->ip_id = ip_newid(); ipstat.ips_localout++; } else { hlen = ip->ip_hl << 2; diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index ff616fb..66da695b 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -142,9 +142,7 @@ struct route; struct sockopt; extern struct ipstat ipstat; -#ifndef RANDOM_IP_ID extern u_short ip_id; /* ip packet ctr, for ids */ -#endif extern int ip_defttl; /* default IP ttl */ extern int ipforwarding; /* ip forwarding */ extern int ip_doopts; /* process or ignore IP options */ @@ -178,10 +176,7 @@ void ip_slowtimo(void); struct mbuf * ip_srcroute(void); void ip_stripoptions(struct mbuf *, struct mbuf *); -#ifdef RANDOM_IP_ID -u_int16_t - ip_randomid(void); -#endif +u_int16_t ip_randomid(void); int rip_ctloutput(struct socket *, struct sockopt *); void rip_ctlinput(int, struct sockaddr *, void *); void rip_init(void); @@ -201,6 +196,18 @@ extern struct pfil_head inet_pfil_hook; void in_delayed_cksum(struct mbuf *m); +static __inline uint16_t ip_newid(void); +extern int ip_do_randomid; + +static __inline uint16_t +ip_newid(void) +{ + if (ip_do_randomid) + return ip_randomid(); + + return htons(ip_id++); +} + #endif /* _KERNEL */ #endif /* !_NETINET_IP_VAR_H_ */ diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 6b854c0..3f3fb02 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -33,7 +33,6 @@ #include "opt_inet6.h" #include "opt_ipsec.h" #include "opt_mac.h" -#include "opt_random_ip_id.h" #include <sys/param.h> #include <sys/jail.h> @@ -304,11 +303,7 @@ rip_output(struct mbuf *m, struct socket *so, u_long dst) return EINVAL; } if (ip->ip_id == 0) -#ifdef RANDOM_IP_ID - ip->ip_id = ip_randomid(); -#else - ip->ip_id = htons(ip_id++); -#endif + ip->ip_id = ip_newid(); /* XXX prevent ip_output from overwriting header fields */ flags |= IP_RAWOUTPUT; ipstat.ips_rawout++; diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c index 6ceff8f..9c918a9 100644 --- a/sys/netinet/tcp_syncache.c +++ b/sys/netinet/tcp_syncache.c @@ -38,7 +38,6 @@ #include "opt_inet6.h" #include "opt_ipsec.h" #include "opt_mac.h" -#include "opt_random_ip_id.h" #include "opt_tcpdebug.h" #include "opt_tcp_sack.h" @@ -958,11 +957,7 @@ syncache_add(inc, to, th, sop, m) if (inc->inc_isipv6 && (sc->sc_tp->t_inpcb->in6p_flags & IN6P_AUTOFLOWLABEL)) { sc->sc_flowlabel = -#ifdef RANDOM_IP_ID (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); -#else - (htonl(ip6_flow_seq++) & IPV6_FLOWLABEL_MASK); -#endif } #endif } diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 1e96129..df6fa74 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -33,7 +33,6 @@ #include "opt_ipsec.h" #include "opt_inet.h" #include "opt_inet6.h" -#include "opt_random_ip_id.h" #include "opt_tcpdebug.h" #include <sys/param.h> @@ -946,12 +945,8 @@ tcp6_connect(tp, nam, td) /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ inp->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; if (inp->in6p_flags & IN6P_AUTOFLOWLABEL) - inp->in6p_flowinfo |= -#ifdef RANDOM_IP_ID + inp->in6p_flowinfo |= (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); -#else - (htonl(ip6_flow_seq++) & IPV6_FLOWLABEL_MASK); -#endif in_pcbrehash(inp); /* Compute window scaling to request. */ |