Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-03-13 Thread Bjoern A. Zeeb
On Sat, 5 Mar 2011, Doug Barton wrote: Hi, as you may have noticed, I had committed logical upfront changes to the current code this weekend, to make it easier for anyone to later understand what happened, when looking at revision history. I have updated the patch for HEAD and it can be found h

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-03-05 Thread Doug Barton
On 03/04/2011 16:21, Bjoern A. Zeeb wrote: That said I messed with the patch to avoid the two copies of the algorithms (so it will not be 4 soon). I know it compiles but I have yet to test it. I'd love to hear opinions. The #ifdef INET6/INETs are ugly but we'll see those a lot more and need to

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-03-04 Thread Doug Barton
On 03/04/2011 16:21, Bjoern A. Zeeb wrote: On Sun, 27 Feb 2011, Doug Barton wrote: As for default algorithm, is there any reason not to make it 4? Yes, it's expensive both computation time and stack wise. Last I put MD5ctxs on the stack I was told that it was previously avoided due to stack l

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-03-04 Thread Bjoern A. Zeeb
On Sun, 27 Feb 2011, Doug Barton wrote: On 02/27/2011 12:23, Fernando Gont wrote: On 08/02/2011 03:47 p.m., Doug Barton wrote: [catching up with e-mail] I've been up and running on this patch vs. r218391 for over 24 hours now, using algorithm 4 (as someone said is now the default in Linux) w

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-03-02 Thread Ivo Vachkov
On Thu, Mar 3, 2011 at 12:00 AM, Bjoern A. Zeeb wrote: > On Sat, 5 Feb 2011, Giorgos Keramidas wrote: > > Hi, > >> On Fri, 28 Jan 2011 11:00:40 -0800, Doug Barton wrote: >>> >>> I haven't reviewed the patch in detail yet but I wanted to first thank >>> you for taking on this work, and being so re

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-03-02 Thread Bjoern A. Zeeb
On Sat, 5 Feb 2011, Giorgos Keramidas wrote: Hi, On Fri, 28 Jan 2011 11:00:40 -0800, Doug Barton wrote: I haven't reviewed the patch in detail yet but I wanted to first thank you for taking on this work, and being so responsive to Fernando's request (which I agreed with, and you updated befor

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-02-27 Thread Doug Barton
On 02/27/2011 14:05, Bjoern A. Zeeb wrote: On Sun, 27 Feb 2011, Fernando Gont wrote: Hi, On 27/02/2011 05:38 p.m., Doug Barton wrote: Has this been committed to the tree, already? -- If so, what's the default algorithm? Bjoern was planning to do it, I'm going to do it if he doesn't get arou

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-02-27 Thread Bjoern A. Zeeb
On Sun, 27 Feb 2011, Fernando Gont wrote: Hi, On 27/02/2011 05:38 p.m., Doug Barton wrote: Has this been committed to the tree, already? -- If so, what's the default algorithm? Bjoern was planning to do it, I'm going to do it if he doesn't get around to it. As for default algorithm, is ther

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-02-27 Thread Fernando Gont
On 27/02/2011 05:38 p.m., Doug Barton wrote: >> Has this been committed to the tree, already? -- If so, what's the >> default algorithm? > > Bjoern was planning to do it, I'm going to do it if he doesn't get > around to it. > > As for default algorithm, is there any reason not to make it 4? Not

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-02-27 Thread Doug Barton
On 02/27/2011 12:23, Fernando Gont wrote: On 08/02/2011 03:47 p.m., Doug Barton wrote: [catching up with e-mail] I've been up and running on this patch vs. r218391 for over 24 hours now, using algorithm 4 (as someone said is now the default in Linux) without any problems. I think Bjoern is be

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-02-27 Thread Fernando Gont
On 08/02/2011 03:47 p.m., Doug Barton wrote: [catching up with e-mail] > I've been up and running on this patch vs. r218391 for over 24 hours > now, using algorithm 4 (as someone said is now the default in Linux) > without any problems. > > I think Bjoern is better qualified than I to comment on

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-02-08 Thread Doug Barton
I've been up and running on this patch vs. r218391 for over 24 hours now, using algorithm 4 (as someone said is now the default in Linux) without any problems. I think Bjoern is better qualified than I to comment on the style of the patch, but it applies cleanly, and seems to run fine on both

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-02-05 Thread Giorgos Keramidas
On Fri, 28 Jan 2011 11:00:40 -0800, Doug Barton wrote: > I haven't reviewed the patch in detail yet but I wanted to first thank > you for taking on this work, and being so responsive to Fernando's > request (which I agreed with, and you updated before I even had a > chance to say so). :) Thanks f

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-01-31 Thread Ivo Vachkov
Hello, I attach the latest version of the port randomization code as a patch against RELENG_8. Changelog: 1) sysctl variable names are changed to: - 'net.inet.ip.portrange.randomalg.version' - representing the algorithm of choice. - 'net.inet.ip.portrange.randomalg.alg5_tradeoff' - representing t

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-01-28 Thread Doug Barton
On 01/28/2011 11:57, Ivo Vachkov wrote: On Fri, Jan 28, 2011 at 9:00 PM, Doug Barton wrote: How does net.inet.ip.portrange.randomalg sound? I would also suggest that the second sysctl be named net.inet.ip.portrange.randomalg.alg5_tradeoff so that one could do 'sysctl net.inet.ip.portrange.ran

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-01-28 Thread Ivo Vachkov
On Fri, Jan 28, 2011 at 9:00 PM, Doug Barton wrote: > On 01/28/2011 06:33, Ivo Vachkov wrote: >> >> Hello, >> >> I would like to thank for the help and for the recommendations. >> >> I attach second version of the patch, I proposed earlier, including >> following changes: >> >> 1) All RFC6056 algo

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-01-28 Thread Doug Barton
On 01/28/2011 06:33, Ivo Vachkov wrote: Hello, I would like to thank for the help and for the recommendations. I attach second version of the patch, I proposed earlier, including following changes: 1) All RFC6056 algorithms are implemented. 2) Both IPv4 and IPv6 stacks are modified to use the

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-01-28 Thread Ivo Vachkov
Hello, I would like to thank for the help and for the recommendations. I attach second version of the patch, I proposed earlier, including following changes: 1) All RFC6056 algorithms are implemented. 2) Both IPv4 and IPv6 stacks are modified to use the new port randomization code. 3) There are

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-01-26 Thread Fernando Gont
On 26/01/2011 08:28 a.m., Ivo Vachkov wrote: > I would like to propose a patch (against FreeBSD RELENG_8) to extend > the port randomization support in FreeBSD, according to RFC6056 > (https://www.rfc-editor.org/rfc/rfc6056.txt) > > Currently the patch implements: > - Algorithm 1 (default in Free

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-01-26 Thread Bjoern A. Zeeb
On Wed, 26 Jan 2011, Ivo Vachkov wrote: Hi, I would like to propose a patch (against FreeBSD RELENG_8) to extend the port randomization support in FreeBSD, according to RFC6056 (https://www.rfc-editor.org/rfc/rfc6056.txt) Currently the patch implements: - Algorithm 1 (default in FreeBSD 8) - A

Re: Proposed patch for Port Randomization modifications according to RFC6056

2011-01-26 Thread John Baldwin
On Wednesday, January 26, 2011 6:28:07 am Ivo Vachkov wrote: > Hello, > > I would like to propose a patch (against FreeBSD RELENG_8) to extend > the port randomization support in FreeBSD, according to RFC6056 > (https://www.rfc-editor.org/rfc/rfc6056.txt) > > Currently the patch implements: > - A

Proposed patch for Port Randomization modifications according to RFC6056

2011-01-26 Thread Ivo Vachkov
Hello, I would like to propose a patch (against FreeBSD RELENG_8) to extend the port randomization support in FreeBSD, according to RFC6056 (https://www.rfc-editor.org/rfc/rfc6056.txt) Currently the patch implements: - Algorithm 1 (default in FreeBSD 8) - Algorithm 2 - Algorithm 5 from the aforem