Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752963AbbGBIXr (ORCPT ); Thu, 2 Jul 2015 04:23:47 -0400 Received: from mail-wi0-f182.google.com ([209.85.212.182]:37409 "EHLO mail-wi0-f182.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752426AbbGBIXi (ORCPT ); Thu, 2 Jul 2015 04:23:38 -0400 Message-ID: <5594F4FF.1000904@6wind.com> Date: Thu, 02 Jul 2015 10:23:27 +0200 From: Nicolas Dichtel Reply-To: nicolas.dichtel@6wind.com Organization: 6WIND User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Matteo Croce , netdev@vger.kernel.org CC: linux-kernel@vger.kernel.org Subject: Re: [PATCH] add stealth mode References: In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1132 Lines: 26 Le 02/07/2015 00:53, Matteo Croce a écrit : > Add option to disable any reply not related to a listening socket, > like RST/ACK for TCP and ICMP Dest-Unreach for UDP. > Also disables ICMP replies to echo request and timestamp. > The stealth mode can be enabled selectively for a single interface. > --- > include/linux/inetdevice.h | 1 + > include/linux/ipv6.h | 1 + > include/uapi/linux/ip.h | 1 + > net/ipv4/devinet.c | 1 + > net/ipv4/icmp.c | 6 ++++++ > net/ipv4/tcp_ipv4.c | 3 ++- > net/ipv4/udp.c | 4 +++- > net/ipv6/addrconf.c | 7 +++++++ > net/ipv6/icmp.c | 3 ++- > net/ipv6/tcp_ipv6.c | 2 +- > net/ipv6/udp.c | 3 ++- > 11 files changed, 27 insertions(+), 5 deletions(-) It is recommended to add an explanation of new sysctl here: Documentation/networking/ip-sysctl.txt -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/