Module Name: src
Committed By: spz
Date: Tue May 24 18:07:12 UTC 2011
Modified Files:
src/sys/netinet: icmp6.h
src/sys/netinet6: in6.h in6_proto.c ip6_input.c ip6_var.h nd6.h
nd6_rtr.c
src/sys/sys: param.h
src/usr.bin/netstat: inet6.c
Log Message:
RA flood mitigation via a limit on accepted routes:
- introduce a limit for the routes accepted via IPv6 Router Advertisement:
a common 2 interface client will have 6, the default limit is 100 and
can be adjusted via sysctl
- report the current number of routes installed via RA via sysctl
- count discarded route additions. Note that one RA message is two routes.
This is at present only across all interfaces even though per-interface
would be more useful, since the per-interface structure complies to RFC2466
- bump kernel version due to the previous change
- adjust netstat to use the new value (with netstat -p icmp6)
To generate a diff of this commit:
cvs rdiff -u -r1.41 -r1.42 src/sys/netinet/icmp6.h
cvs rdiff -u -r1.68 -r1.69 src/sys/netinet6/in6.h
cvs rdiff -u -r1.91 -r1.92 src/sys/netinet6/in6_proto.c
cvs rdiff -u -r1.130 -r1.131 src/sys/netinet6/ip6_input.c
cvs rdiff -u -r1.54 -r1.55 src/sys/netinet6/ip6_var.h
cvs rdiff -u -r1.53 -r1.54 src/sys/netinet6/nd6.h
cvs rdiff -u -r1.80 -r1.81 src/sys/netinet6/nd6_rtr.c
cvs rdiff -u -r1.388 -r1.389 src/sys/sys/param.h
cvs rdiff -u -r1.58 -r1.59 src/usr.bin/netstat/inet6.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
