summaryrefslogtreecommitdiff
path: root/sys/netinet6/ip6_var.h
diff options
context:
space:
mode:
authorJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>2002-05-28 03:04:39 +0000
committerJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>2002-05-28 03:04:39 +0000
commit53ec36032674958de4f895e731fb895e73b0ba88 (patch)
treef8c0e79e20f60c53d91f8445a2b26ec099fb843e /sys/netinet6/ip6_var.h
parentff76c548fd5e060eba335ca880eee1e8c2d017d1 (diff)
limit number of IPv6 fragments (not the fragment queue size) to
fight against lots-of-frags DoS attacks. sync w/kame
Diffstat (limited to 'sys/netinet6/ip6_var.h')
-rw-r--r--sys/netinet6/ip6_var.h4
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/netinet6/ip6_var.h b/sys/netinet6/ip6_var.h
index a762113b178..4c07d7c694f 100644
--- a/sys/netinet6/ip6_var.h
+++ b/sys/netinet6/ip6_var.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip6_var.h,v 1.14 2002/03/14 01:27:12 millert Exp $ */
+/* $OpenBSD: ip6_var.h,v 1.15 2002/05/28 03:04:38 itojun Exp $ */
/* $KAME: ip6_var.h,v 1.33 2000/06/11 14:59:20 jinmei Exp $ */
/*
@@ -89,6 +89,7 @@ struct ip6q {
#ifdef notyet
u_char *ip6q_nxtp;
#endif
+ int ip6q_nfrag; /* # of fragments */
};
struct ip6asfrag {
@@ -216,6 +217,7 @@ extern int ip6_rr_prune; /* router renumbering prefix
extern struct socket *ip6_mrouter; /* multicast routing daemon */
extern int ip6_sendredirects; /* send IP redirects when forwarding? */
extern int ip6_maxfragpackets; /* Maximum packets in reassembly queue */
+extern int ip6_maxfrags; /* Maximum fragments in reassembly queue */
extern int ip6_sourcecheck; /* Verify source interface */
extern int ip6_sourcecheck_interval; /* Interval between log messages */
extern int ip6_accept_rtadv; /* Acts as a host not a router */
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-14 13:01:27 +0000