public inbox for newlib-cvs@sourceware.org help / color / mirror / Atom feed
From: Sebastian Huber <sh@sourceware.org> To: newlib-cvs@sourceware.org Subject: [newlib-cygwin] pf: syncookie support Date: Mon, 11 Jul 2022 11:54:45 +0000 (GMT) [thread overview] Message-ID: <20220711115445.333293857825@sourceware.org> (raw) https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=5260d10c985fd87e1d1aaed3c437cf272af024e0 commit 5260d10c985fd87e1d1aaed3c437cf272af024e0 Author: Kristof Provost <kp@FreeBSD.org> Date: Thu May 20 11:54:41 2021 +0200 pf: syncookie support Import OpenBSD's syncookie support for pf. This feature help pf resist TCP SYN floods by only creating states once the remote host completes the TCP handshake rather than when the initial SYN packet is received. This is accomplished by using the initial sequence numbers to encode a cookie (hence the name) in the SYN+ACK response and verifying this on receipt of the client ACK. Reviewed by: kbowling Obtained from: OpenBSD MFC after: 1 week Sponsored by: Modirum MDPay Differential Revision: https://reviews.freebsd.org/D31138 Diff: --- newlib/libc/sys/rtems/include/netinet/tcp.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/newlib/libc/sys/rtems/include/netinet/tcp.h b/newlib/libc/sys/rtems/include/netinet/tcp.h index 45bece9fa..a79dbeaad 100644 --- a/newlib/libc/sys/rtems/include/netinet/tcp.h +++ b/newlib/libc/sys/rtems/include/netinet/tcp.h @@ -105,6 +105,8 @@ struct tcphdr { #define TCPOPT_FAST_OPEN 34 #define TCPOLEN_FAST_OPEN_EMPTY 2 +#define MAX_TCPOPTLEN 40 /* Absolute maximum TCP options len */ + /* Miscellaneous constants */ #define MAX_SACK_BLKS 6 /* Max # SACK blocks stored at receiver side */ #define TCP_MAX_SACK 4 /* MAX # SACKs sent in any segment */
reply other threads:[~2022-07-11 11:54 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20220711115445.333293857825@sourceware.org \ --to=sh@sourceware.org \ --cc=newlib-cvs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).