linux/net
Stephen Hemminger d218d11133 tcp: Generalized TTL Security Mechanism
This patch adds the kernel portions needed to implement
RFC 5082 Generalized TTL Security Mechanism (GTSM).
It is a lightweight security measure against forged
packets causing DoS attacks (for BGP). 

This is already implemented the same way in BSD kernels.
For the necessary Quagga patch 
  http://www.gossamer-threads.com/lists/quagga/dev/17389

Description from Cisco
  http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_btsh.html

It does add one byte to each socket structure, but I did
a little rearrangement to reuse a hole (on 64 bit), but it
does grow the structure on 32 bit

This should be documented on ip(4) man page and the Glibc in.h
file also needs update.  IPV6_MINHOPLIMIT should also be added
(although BSD doesn't support that).  

Only TCP is supported, but could also be added to UDP, DCCP, SCTP
if desired.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-01-11 16:28:01 -08:00
..
9p 9p connect fixes 2009-12-16 12:16:41 -05:00
802 sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
8021q bonding: allow arp_ip_targets on separate vlans to use arp validation 2010-01-03 21:17:16 -08:00
appletalk Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
atm atm: [br2684] allow routed mode operation again 2009-12-08 20:22:31 -08:00
ax25 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
bluetooth Bluetooth: Fix L2CAP locking scheme regression 2009-12-17 12:07:25 -08:00
bridge netfilter: ebtables: enforce CAP_NET_ADMIN 2010-01-08 17:31:24 +01:00
can can: Speed up CAN frame receiption by using ml_priv 2010-01-03 21:31:03 -08:00
core Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-01-10 22:55:03 -08:00
dcb net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
dccp kfifo: rename kfifo_put... into kfifo_in... and kfifo_get... into kfifo_out... 2009-12-22 14:17:56 -08:00
decnet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
dsa netdev: convert pseudo-devices to netdev_tx_t 2009-09-01 01:13:07 -07:00
econet net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
ethernet llc: use dev_hard_header 2009-12-26 20:38:23 -08:00
ieee802154 net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
ipv4 tcp: Generalized TTL Security Mechanism 2010-01-11 16:28:01 -08:00
ipv6 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-01-10 22:55:03 -08:00
ipx Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
irda NET: irda, remove unnecessary checks 2010-01-10 13:27:58 -08:00
iucv const: constify remaining dev_pm_ops 2009-12-15 08:53:25 -08:00
key xfrm: Fix truncation length of authentication algorithms installed via PF_KEY 2009-12-11 15:07:57 -08:00
lapb net: remove NET_RX_BAD and NET_RX_CN* defines 2009-07-05 19:15:35 -07:00
llc llc: fix SAP reference counting w.r.t. socket handling 2009-12-26 20:47:23 -08:00
mac80211 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 2009-12-30 13:51:29 -08:00
netfilter Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-01-10 22:55:03 -08:00
netlabel Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2009-12-09 19:43:33 -08:00
netlink net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
netrom Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
packet packet: dont call sleeping functions while holding rcu_read_lock() 2009-12-15 21:12:21 -08:00
phonet Phonet: reject unsupported sendmsg/recvmsg flags 2010-01-07 00:24:55 -08:00
rds Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband 2009-12-16 10:32:31 -08:00
rfkill net/rfkill/core.c: work around gcc-4.0.2 silliness 2009-12-07 16:51:23 -05:00
rose rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC 2010-01-03 21:21:16 -08:00
rxrpc net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
sched Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2009-12-09 19:43:33 -08:00
sctp net/sctp/socket.c: squish warning 2010-01-03 21:25:53 -08:00
sunrpc Merge branch 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6 2009-12-16 10:47:44 -08:00
tipc tipc: use kconfig to limit numeric ranges 2010-01-03 21:31:04 -08:00
unix Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
wanrouter headers: smp_lock.h redux 2009-07-12 12:22:34 -07:00
wimax Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2009-12-09 19:43:33 -08:00
wireless Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 2009-12-30 13:51:29 -08:00
x25 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
xfrm NET: XFRM: Fix spelling of neighbour. 2009-12-26 20:24:46 -08:00
compat.c net: use compat helper functions in compat_sys_recvmmsg 2009-12-11 15:07:57 -08:00
Kconfig net/compat/wext: send different messages to compat tasks 2009-07-15 08:53:39 -07:00
Makefile net: remove redundant sched/ in net/Makefile 2009-07-12 20:11:14 -07:00
nonet.c
socket.c fs: no games with DCACHE_UNHASHED 2009-12-17 10:51:40 -05:00
sysctl_net.c net: sysctl_net - use net_eq to compare nets 2009-03-16 16:23:30 +01:00
TUNABLE