aha/net
William Allen Simpson 435cf559f0 TCPCT part 1d: define TCP cookie option, extend existing struct's
Data structures are carefully composed to require minimal additions.
For example, the struct tcp_options_received cookie_plus variable fits
between existing 16-bit and 8-bit variables, requiring no additional
space (taking alignment into consideration).  There are no additions to
tcp_request_sock, and only 1 pointer in tcp_sock.

This is a significantly revised implementation of an earlier (year-old)
patch that no longer applies cleanly, with permission of the original
author (Adam Langley):

    http://thread.gmane.org/gmane.linux.network/102586

The principle difference is using a TCP option to carry the cookie nonce,
instead of a user configured offset in the data.  This is more flexible and
less subject to user configuration error.  Such a cookie option has been
suggested for many years, and is also useful without SYN data, allowing
several related concepts to use the same extension option.

    "Re: SYN floods (was: does history repeat itself?)", September 9, 1996.
    http://www.merit.net/mail.archives/nanog/1996-09/msg00235.html

    "Re: what a new TCP header might look like", May 12, 1998.
    ftp://ftp.isi.edu/end2end/end2end-interest-1998.mail

These functions will also be used in subsequent patches that implement
additional features.

Requires:
   TCPCT part 1a: add request_values parameter for sending SYNACK
   TCPCT part 1b: generate Responder Cookie secret
   TCPCT part 1c: sysctl_tcp_cookie_size, socket option TCP_COOKIE_TRANSACTIONS

Signed-off-by: William.Allen.Simpson@gmail.com
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-12-02 22:07:25 -08:00
..
9p net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
802 net: remove COMPAT_NET_DEV_OPS 2009-05-25 01:53:53 -07:00
8021q net: Simplify vlan pernet operations. 2009-12-01 16:15:53 -08:00
appletalk net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
atm net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
ax25 net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
bluetooth net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
bridge net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
can net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
core skbuff: remove skb_dma_map/unmap 2009-12-02 19:57:15 -08:00
dcb net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
dccp TCPCT part 1a: add request_values parameter for sending SYNACK 2009-12-02 22:07:23 -08:00
decnet net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
dsa netdev: convert pseudo-devices to netdev_tx_t 2009-09-01 01:13:07 -07:00
econet net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
ethernet remove deprecated and not used: print_mac() 2009-11-15 22:21:34 -08:00
ieee802154 net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
ipv4 TCPCT part 1d: define TCP cookie option, extend existing struct's 2009-12-02 22:07:25 -08:00
ipv6 TCPCT part 1d: define TCP cookie option, extend existing struct's 2009-12-02 22:07:25 -08:00
ipx net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
irda net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
iucv iucv: add work_queue cleanup for suspend 2009-11-13 20:46:58 -08:00
key net: Simplify af_key pernet operations. 2009-12-01 16:15:54 -08:00
lapb net: remove NET_RX_BAD and NET_RX_CN* defines 2009-07-05 19:15:35 -07:00
llc net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
mac80211 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-12-01 22:13:38 -08:00
netfilter net: Simplify conntrack_proto_gre pernet operations. 2009-12-01 16:15:55 -08:00
netlabel net: rename skb->iif to skb->skb_iif 2009-11-20 15:35:04 -08:00
netlink net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
netrom net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
packet net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
phonet net: Simplify phonet pernet operations. 2009-12-01 16:15:57 -08:00
rds net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
rfkill Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-11-29 00:57:15 -08:00
rose net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
rxrpc net: use net_eq to compare nets 2009-11-25 15:14:13 -08:00
sched net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
sctp sctp: fix sctp_setsockopt_autoclose compile warning 2009-12-02 01:16:49 -08:00
sunrpc Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-12-01 22:13:38 -08:00
tipc net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
unix net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
wanrouter headers: smp_lock.h redux 2009-07-12 12:22:34 -07:00
wimax net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
wireless net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
x25 X25: Fix oops and refcnt problems from x25_dev_get 2009-11-29 00:25:02 -08:00
xfrm Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-12-01 22:13:38 -08:00
compat.c net: compat_sys_recvmmsg user timespec arg can be NULL 2009-12-02 01:23:23 -08:00
Kconfig net/compat/wext: send different messages to compat tasks 2009-07-15 08:53:39 -07:00
Makefile net: remove redundant sched/ in net/Makefile 2009-07-12 20:11:14 -07:00
nonet.c
socket.c net: compat_mmsghdr must be used in sys_recvmmsg 2009-12-02 01:23:23 -08:00
sysctl_net.c net: sysctl_net - use net_eq to compare nets 2009-03-16 16:23:30 +01:00
TUNABLE