Subject: Re: random ip_id must be configurable
To: None <itojun@iijlab.net>
From: Matt Thomas <matt@3am-software.com>
List: tech-net
Date: 09/12/2003 15:38:43
On Friday, September 12, 2003, at 03:28 PM, itojun@iijlab.net wrote:
> based on nmap OS fingerprint database, freebsd randomizes ip_id.
> also you see even quite a few embedded products (like small broadband
> router) randomizes ip_id. why we can't do it for netbsd.
That's not the right question. We can do it.
The right question is: Why should we?
And for that I have not seen a convincing case that it's worth the
overhead.
Lastly, if I was going to do it, I would use the Solaris approach and
allocate those ip_id structures automagically in the inpcb code and pass
the structure to ip_output to use. (Of course, for icmp or igmp I'd
just
use a global structure and keep one per protocol).
--
Matt Thomas email: matt@3am-software.com
3am Software Foundry www:
http://3am-software.com/bio/matt/ Cupertino, CA
disclaimer: I avow all knowledge of this message.