FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F5.3 2004-08-14T15:32:40Z 2004-08-14T15:32:40Z David Malone dwmalone@FreeBSD.org 2004-08-14T15:32:40Z urn:sha1:1f44b0a1b539198ce55bf97e73d51ded20a55ab4 have already done this, so I have styled the patch on their work: 1) introduce a ip_newid() static inline function that checks the sysctl and then decides if it should return a sequential or random IP ID. 2) named the sysctl net.inet.ip.random_id 3) IPv6 flow IDs and fragment IDs are now always random. Flow IDs and frag IDs are significantly less common in the IPv6 world (ie. rarely generated per-packet), so there should be smaller performance concerns. The sysctl defaults to 0 (sequential IP IDs). Reviewed by: andre, silby, mlaier, ume Based on: NetBSD MFC after: 2 months 2004-06-16T23:24:02Z Max Laier mlaier@FreeBSD.org 2004-06-16T23:24:02Z urn:sha1:7c1fe9533390e3a906df00201ee6c66cbac7a031 Version 3.5 brings: - Atomic commits of ruleset changes (reduce the chance of ending up in an inconsistent state). - A 30% reduction in the size of state table entries. - Source-tracking (limit number of clients and states per client). - Sticky-address (the flexibility of round-robin with the benefits of source-hash). - Significant improvements to interface handling. - and many more ... 2004-04-06T15:12:50Z Max Laier mlaier@FreeBSD.org 2004-04-06T15:12:50Z urn:sha1:1ffe5d762b1dba2d7bf54e412484286ccd02d1d4 for INET6-less kernel. Requested by: many Approved by: bms(mentor) 2004-02-26T03:53:54Z Max Laier mlaier@FreeBSD.org 2004-02-26T03:53:54Z urn:sha1:cc5934f5afcc7d243b43ff83f093676556c2488d pf/pflog/pfsync as modules. Do not list them in NOTES or modules/Makefile (i.e. do not connect it to any (automatic) builds - yet). Approved by: bms(mentor)