Date: Thu, 3 Feb 2005 11:51:27 -0800
From: Stephen Hemminger
To: Lorenzo Hernández García-Hierro
Cc: linux@horizon.com, mingo@elte.hu, Arjan van de Ven, bunk@stusta.de, Chris Wright, davem@redhat.com, Hank Leininger, "linux-kernel@vger.kernel.org", netdev@oss.sgi.com, Valdis.Kletnieks@vt.edu, spender@grsecurity.net
Subject: Re: [PATCH] OpenBSD Networking-related randomization port
Organization: Open Source Development Lab

On Wed, 02 Feb 2005 18:38:37 +0100
Lorenzo Hernández García-Hierro wrote:

> On Wed, 02-02-2005 at 17:17 +0000, linux@horizon.com wrote:
> > There *are* things in OpenBSD, like randomized port assignment (as opposed
> > to the linear scan in tcp_v4_get_port()) that would be worth emulating.
> > Maybe worry about that first?
> >

Recent 2.6 does a more advanced form of port randomization already using address hash at connect time.
tcp_v4_get_port is only used for the case of applications that explicitly bind
to port zero to find a free port.

So the sequence:
	socket();
	connect();
will assign a random port in a manner similar to sequence number creation.

The sequence:
	socket();
	bind();
	connect();
assigns a simple linear increasing port value. It could be randomized, but
most applications don't bother binding, so the first case is sufficient.

-- 
Stephen Hemminger
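
The two call sequences described in the message above can be compared on a running system with the following added example, which is not part of the original e-mail or of the kernel source. It assumes a loopback TCP listener created by the program itself; the names `client_port` and `sample_ports` are hypothetical, and the result depends on the kernel version in use.

```c
/* Added example (not kernel code): sample local ports for both sequences. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* One client connection to dst; returns its local port, 0 on error.
 * explicit_bind != 0: socket(); bind(port 0); connect();
 * explicit_bind == 0: socket(); connect(); */
int client_port(const struct sockaddr_in *dst, int explicit_bind)
{
    struct sockaddr_in local = { .sin_family = AF_INET }; /* any addr, port 0 */
    socklen_t len = sizeof(local);
    int port = 0, fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return 0;
    if ((!explicit_bind || bind(fd, (struct sockaddr *)&local, len) == 0) &&
        connect(fd, (const struct sockaddr *)dst, sizeof(*dst)) == 0 &&
        getsockname(fd, (struct sockaddr *)&local, &len) == 0)
        port = ntohs(local.sin_port);
    close(fd);
    return port;
}

/* Samples n ports against a loopback listener. Returns how many consecutive
 * samples differ by exactly +1 (a crude predictability signal), -1 on error. */
int sample_ports(int explicit_bind, int n, int *ports)
{
    struct sockaddr_in dst = { .sin_family = AF_INET };
    socklen_t len = sizeof(dst);
    int i, seq = 0, lfd = socket(AF_INET, SOCK_STREAM, 0);
    dst.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (lfd < 0 || bind(lfd, (struct sockaddr *)&dst, len) < 0 ||
        listen(lfd, 64) < 0 || getsockname(lfd, (struct sockaddr *)&dst, &len) < 0)
        seq = -1;
    for (i = 0; seq >= 0 && i < n; i++) {
        ports[i] = client_port(&dst, explicit_bind);
        if (ports[i] == 0) seq = -1;
        else if (i > 0 && ports[i] == ports[i - 1] + 1) seq++;
    }
    if (lfd >= 0) close(lfd);
    return seq;
}

int main(void)
{
    int p[16];
    printf("connect only: %d of 15 steps sequential\n", sample_ports(0, 16, p));
    printf("bind+connect: %d of 15 steps sequential\n", sample_ports(1, 16, p));
    return 0;
}
```

A high sequential count for a sequence means an observer who sees one source port can guess the next one; a count near zero is what a randomized allocator produces.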