[INET]: local port range robustness

Expansion of original idea from Denis V. Lunev <den@openvz.org> Add robustness and locking to the local_port_range sysctl. 1. Enforce that low < high when setting. 2. Use seqlock to ensure atomic update. The locking might seem like overkill, but there are cases where sysadmin might want to change value in the middle of a DoS attack. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Stephen Hemminger <shemminger@linux-foundation.org> 2007-10-10 17:30:46 -0700
committer: David S. Miller <davem@davemloft.net> 2007-10-10 17:30:46 -0700
commit: 227b60f5102cda4e4ab792b526a59c8cb20cd9f8 (patch)
tree: 2c9e372601ba794894833b0618bc531a9f5d57c4 /include/net/ip.h
parent: [SCTP]: port randomization (diff)
download: linux-dev-227b60f5102cda4e4ab792b526a59c8cb20cd9f8.tar.xz
linux-dev-227b60f5102cda4e4ab792b526a59c8cb20cd9f8.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/include/net/ip.h b/include/net/ip.h
index abf2820a1125..3af3ed9d320b 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -171,7 +171,8 @@ extern unsigned long snmp_fold_field(void *mib[], int offt);
 extern int snmp_mib_init(void *ptr[2], size_t mibsize, size_t mibalign);
 extern void snmp_mib_free(void *ptr[2]);
 
-extern int sysctl_local_port_range[2];
+extern void inet_get_local_port_range(int *low, int *high);
+
 extern int sysctl_ip_default_ttl;
 extern int sysctl_ip_nonlocal_bind;
author	Stephen Hemminger <shemminger@linux-foundation.org>	2007-10-10 17:30:46 -0700
committer	David S. Miller <davem@davemloft.net>	2007-10-10 17:30:46 -0700
commit	227b60f5102cda4e4ab792b526a59c8cb20cd9f8 (patch)
tree	2c9e372601ba794894833b0618bc531a9f5d57c4 /include/net/ip.h
parent	[SCTP]: port randomization (diff)
download	linux-dev-227b60f5102cda4e4ab792b526a59c8cb20cd9f8.tar.xz linux-dev-227b60f5102cda4e4ab792b526a59c8cb20cd9f8.zip