mirror of
https://github.com/torvalds/linux.git
synced 2024-12-26 12:52:30 +00:00
0bc1998544
To make ICMPv6 closer to ICMPv4, add ratemask parameter. Since the ICMP message types use larger numeric values, a simple bitmask doesn't fit. I use large bitmap. The input and output are the in form of list of ranges. Set the default to rate limit all error messages but Packet Too Big. For Packet Too Big, use ratemask instead of hard-coded. There are functions where icmpv6_xrlim_allow() and icmpv6_global_allow() aren't called. This patch only adds them to icmpv6_echo_reply(). Rate limiting error messages is mandated by RFC 4443 but RFC 4890 says that it is also acceptable to rate limit informational messages. Thus, I removed the current hard-coded behavior of icmpv6_mask_allow() that doesn't rate limit informational messages. v2: Add dummy function proc_do_large_bitmap() if CONFIG_PROC_SYSCTL isn't defined, expand the description in ip-sysctl.txt and remove unnecessary conditional before kfree(). v3: Inline the bitmap instead of dynamically allocated. Still is a pointer to it is needed because of the way proc_do_large_bitmap work. Signed-off-by: Stephen Suryaputra <ssuryaextr@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> |
||
---|---|---|
.. | ||
can.h | ||
conntrack.h | ||
core.h | ||
dccp.h | ||
generic.h | ||
hash.h | ||
ieee802154_6lowpan.h | ||
ipv4.h | ||
ipv6.h | ||
mib.h | ||
mpls.h | ||
netfilter.h | ||
nftables.h | ||
packet.h | ||
sctp.h | ||
unix.h | ||
x_tables.h | ||
xdp.h | ||
xfrm.h |