lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
6b43c44654
linux-kernel-test/include/net
History
Eric Dumazet 282f23c6ee tcp: implement RFC 5961 3.2 
Implement the RFC 5691 mitigation against Blind
Reset attack using RST bit.

Idea is to validate incoming RST sequence,
to match RCV.NXT value, instead of previouly accepted
window : (RCV.NXT <= SEG.SEQ < RCV.NXT+RCV.WND)

If sequence is in window but not an exact match, send
a "challenge ACK", so that the other part can resend an
RST with the appropriate sequence.

Add a new sysctl, tcp_challenge_ack_limit, to limit
number of challenge ACK sent per second.

Add a new SNMP counter to count number of challenge acks sent.
(netstat -s | grep TCPChallengeACK)

Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Kiran Kumar Kella <kkiran@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-07-17 01:36:20 -07:00
..
9p
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless 2012-06-13 15:35:35 -04:00
caif caif-hsi: Remove use of module parameters 2012-06-25 16:44:12 -07:00
irda
iucv
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-07-10 23:56:33 -07:00
netns tcp: Maintain dynamic metrics in local cache. 2012-07-10 22:39:57 -07:00
nfc NFC: Allow HCI driver to pre-open pipes to some gates 2012-07-09 16:42:12 -04:00
phonet net: remove my future former mail address 2012-06-17 16:29:38 -07:00
sctp ipv6: Add redirect support to all protocol icmp error handlers. 2012-07-12 00:25:15 -07:00
tc_act
act_api.h
addrconf.h ipv6: bool/const conversions phase2 2012-05-19 01:08:16 -04:00
af_ieee802154.h
af_rxrpc.h
af_unix.h af_unix: speedup /proc/net/unix 2012-06-08 14:27:23 -07:00
ah.h
arp.h ipv4: Make neigh lookups directly in output packet path. 2012-07-05 01:02:12 -07:00
atmclip.h
ax25.h
ax88796.h
cfg80211-wext.h
cfg80211.h cfg80211: bitrate calculation for 60g 2012-07-05 15:18:32 +02:00
checksum.h
cipso_ipv4.h cipso: handle CIPSO options correctly when NetLabel is disabled 2012-06-01 14:18:29 -04:00
cls_cgroup.h
codel.h fq_codel: should use qdisc backlog as threshold 2012-05-16 15:30:26 -04:00
compat.h
datalink.h
dcbevent.h
dcbnl.h
dn_dev.h
dn_fib.h
dn_neigh.h
dn_nsp.h
dn_route.h decnet: Use neighbours privately in dn_route struct. 2012-07-05 01:12:14 -07:00
dn.h
dsa.h
dsfield.h
dst_ops.h ipv4: Generalize ip_do_redirect() and hook into new dst_ops->redirect. 2012-07-11 20:55:47 -07:00
dst.h net: Kill set_dst_metric_rtt(). 2012-07-10 22:40:07 -07:00
esp.h
ethoc.h
fib_rules.h ipv4: Elide fib_validate_source() completely when possible. 2012-06-29 01:36:36 -07:00
flow_keys.h
flow.h inet: Kill FLOWI_FLAG_PRECOW_METRICS. 2012-07-10 22:40:12 -07:00
garp.h
gen_stats.h
genetlink.h net: Use NLMSG_DEFAULT_SIZE in combination with nlmsg_new() 2012-06-28 17:56:43 -07:00
gre.h
icmp.h
ieee80211_radiotap.h
ieee802154_netdev.h mac802154: declare reduced mlme operations 2012-05-16 15:16:56 -04:00
ieee802154.h
if_inet6.h net: delete all instances of special processing for token ring 2012-05-15 20:14:35 -04:00
inet6_connection_sock.h tcp: pass fl6 to inet6_csk_route_req() 2012-06-28 17:53:50 -07:00
inet6_hashtables.h
inet_common.h
inet_connection_sock.h inet: Remove ->get_peer() method. 2012-07-10 22:40:10 -07:00
inet_ecn.h
inet_frag.h ip_frag: struct inet_frags match() method returns a bool 2012-05-18 01:40:27 -04:00
inet_hashtables.h ipv4: Early TCP socket demux. 2012-06-19 21:22:05 -07:00
inet_sock.h inet: Kill FLOWI_FLAG_PRECOW_METRICS. 2012-07-10 22:40:12 -07:00
inet_timewait_sock.h
inetpeer.h ipv4: Maintain redirect and PMTU info in struct rtable again. 2012-07-10 22:40:14 -07:00
ip6_checksum.h
ip6_fib.h ipv6: Store route neighbour in rt6_info struct. 2012-07-05 02:41:58 -07:00
ip6_route.h ipv6: Use icmpv6_notify() to propagate redirect, instead of rt6_redirect(). 2012-07-12 00:33:37 -07:00
ip6_tunnel.h ipv6_tunnel: Allow receiving packets on the fallback tunnel if they pass sanity checks 2012-06-29 00:52:32 -07:00
ip_fib.h ipv4: Don't store a rule pointer in fib_result. 2012-07-13 08:21:29 -07:00
ip_vs.h
ip.h ipv4: Show that ip_send_reply() is purely unicast routine. 2012-06-28 03:21:41 -07:00
ipcomp.h
ipconfig.h
ipip.h
ipv6.h ipv6: Use icmpv6_notify() to propagate redirect, instead of rt6_redirect(). 2012-07-12 00:33:37 -07:00
ipx.h
iw_handler.h
lapb.h lapb: Neaten debugging 2012-05-17 18:45:20 -04:00
lib80211.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h net: delete all instances of special processing for token ring 2012-05-15 20:14:35 -04:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
mac80211.h mac80211: add TX prepare API 2012-07-03 13:50:34 +02:00
mac802154.h mac802154: add wpan device-class support 2012-06-26 21:06:11 -07:00
mip6.h
mld.h
ndisc.h ipv6: Export ndisc option parsing from ndisc.c 2012-07-11 23:39:11 -07:00
neighbour.h net: Do delayed neigh confirmation. 2012-07-05 01:03:06 -07:00
net_namespace.h net: make sock diag per-namespace 2012-07-16 22:31:34 -07:00
net_ratelimit.h
netdma.h
netevent.h net: Pass neighbours and dest address into NETEVENT_REDIRECT events. 2012-07-05 02:21:55 -07:00
netlabel.h
netlink.h
netprio_cgroup.h
netrom.h
nexthop.h
nl802154.h
p8022.h
ping.h
pkt_cls.h
pkt_sched.h
protocol.h ipv4: Kill early demux method return value. 2012-06-27 22:01:22 -07:00
psnap.h
raw.h
rawv6.h ipv6: bool/const conversions phase2 2012-05-19 01:08:16 -04:00
red.h
regulatory.h
request_sock.h
rose.h
route.h ipv4: Kill ip_rt_redirect(). 2012-07-11 21:30:08 -07:00
rtnetlink.h
sch_generic.h bonding: Fix corrupted queue_mapping 2012-06-12 15:29:21 -07:00
scm.h
secure_seq.h
slhc_vj.h
snmp.h
sock.h tcp: TCP Small Queues 2012-07-11 18:12:59 -07:00
stp.h
tcp_memcontrol.h
tcp_states.h
tcp.h tcp: implement RFC 5961 3.2 2012-07-17 01:36:20 -07:00
timewait_sock.h [PATCH] tcp: Cache inetpeer in timewait socket, and only when necessary. 2012-06-09 14:56:12 -07:00
transp_v6.h
udp.h
udplite.h
wext.h
wimax.h
wpan-phy.h mac802154: monitor device support 2012-05-16 15:17:08 -04:00
x25.h
x25device.h
xfrm.h xfrm_user: Propagate netlink error codes properly. 2012-06-27 21:57:03 -07:00