
Re: [PATCH] OpenBSD Networking-related randomization port

To: Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx>
Subject: Re: [PATCH] OpenBSD Networking-related randomization port
From: Stephen Hemminger <shemminger@xxxxxxxx>
Date: Thu, 3 Feb 2005 11:51:27 -0800
Cc: linux@xxxxxxxxxxx, mingo@xxxxxxx, Arjan van de Ven <arjan@xxxxxxxxxxxxx>, bunk@xxxxxxxxx, Chris Wright <chrisw@xxxxxxxx>, davem@xxxxxxxxxx, Hank Leininger <hlein@xxxxxxxxxxxxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx, Valdis.Kletnieks@xxxxxx, spender@xxxxxxxxxxxxxx
In-reply-to: <1107365917.3754.155.camel@xxxxxxxxxxxxxxxxxxxxx>
Organization: Open Source Development Lab
References: <20050202171702.24523.qmail@xxxxxxxxxxxxxxxxxxx> <1107365917.3754.155.camel@xxxxxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
On Wed, 02 Feb 2005 18:38:37 +0100
Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx> wrote:

> On Wed, 02-02-2005 at 17:17 +0000, linux@xxxxxxxxxxx wrote:
> > There *are* things in OpenBSD, like randomized port assignment (as opposed
> > to the linear scan in tcp_v4_get_port()) that would be worth emulating.
> > Maybe worry about that first?
> > 

Recent 2.6 does a more advanced form of port randomization already
using address hash at connect time.  tcp_v4_get_port is only used for the case
of applications that explicitly bind to port zero to find a free port.

So the sequence:
        socket(); connect(); 
will assign a random port in a manner similar to sequence number creation.

The sequence:
        socket(); bind(); connect();
assigns a simple linear increasing port value.  It could be randomized, but
most applications don't bother binding, so the first case is sufficient.

Stephen Hemminger       <shemminger@xxxxxxxx>
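
[Added example, not part of the original message or of the kernel source.] A small C program that records the source ports the running kernel assigns for the two call sequences described above, so the two allocation paths can be compared directly. The loopback listener, the name sample_ports() and the SAMPLES count are assumptions made for this illustration; what it prints reflects the kernel it runs on, which may differ from the 2.6 kernel discussed in the thread.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

#define SAMPLES 8 /* connections per run (constructed value) */

/* bind_first != 0: socket(); bind(); connect(). Otherwise socket(); connect().
 * Stores each connection's source port; returns the count, or -1 on setup error. */
int sample_ports(int bind_first, int ports[SAMPLES])
{
    /* 127.0.0.1 with port 0, so the kernel chooses the port */
    const struct sockaddr_in any = { .sin_family = AF_INET,
                                     .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    struct sockaddr_in srv = any, local;
    socklen_t len = sizeof(srv);
    int fds[SAMPLES], n = 0, ls = socket(AF_INET, SOCK_STREAM, 0);
    int ok = ls >= 0 && bind(ls, (struct sockaddr *)&srv, len) == 0 &&
             listen(ls, SAMPLES) == 0 && getsockname(ls, (struct sockaddr *)&srv, &len) == 0;
    for (; ok && n < SAMPLES; n++) {
        local = any;
        len = sizeof(local);
        if ((fds[n] = socket(AF_INET, SOCK_STREAM, 0)) < 0) break;
        if ((bind_first && bind(fds[n], (struct sockaddr *)&local, len) < 0) ||
            connect(fds[n], (struct sockaddr *)&srv, sizeof(srv)) < 0 ||
            getsockname(fds[n], (struct sockaddr *)&local, &len) < 0) {
            close(fds[n]);
            break;
        }
        ports[n] = ntohs(local.sin_port);
    }
    for (int i = 0; i < n; i++) close(fds[i]); /* held open until now so ports stay distinct */
    if (ls >= 0) close(ls);
    return ok ? n : -1;
}

int main(void)
{
    int ports[SAMPLES];
    for (int mode = 0; mode < 2; mode++) {
        int n = sample_ports(mode, ports);
        printf("%-30s", mode ? "socket(); bind(); connect():" : "socket(); connect():");
        for (int i = 0; i < n; i++) printf(" %d", ports[i]);
        puts("");
    }
    return 0;
}
```

A run of consecutive or evenly stepped values in either row indicates a predictable allocator for that path; widely scattered values indicate randomized selection.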
