On Wednesday, January 26, 2011 6:28:07 am Ivo Vachkov wrote: > Hello, > > I would like to propose a patch (against FreeBSD RELENG_8) to extend > the port randomization support in FreeBSD, according to RFC6056 > (https://www.rfc-editor.org/rfc/rfc6056.txt) > > Currently the patch implements: > - Algorithm 1 (default in FreeBSD 8) > - Algorithm 2 > - Algorithm 5 > from the aforementioned RFC6056. > > Any of those algorithms can be chosen with the sysctl variable > net.inet.ip.portrange.rfc6056_algorithm. > > I deliberately skipped Algorithm 3 and Algorithm 4, because I believe > usage of cryptographic hash functions will introduce unnecessary > latency in vital network operations. However, in case of expressed > interest, I will be glad to add those too. > > I would like to ask what is the proper way to validate the sysctl > input in order to accept only a specific values? In my case only '1', > '2' and '5'.
Use a SYSCTL_PROC and write your own handler that does a sanity check on the value set by userland and returns EINVAL if the value is not correct. -- John Baldwin _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
