Return to 41.html CVS log | Up to [local] / www |
version 1.22, 2007/03/06 14:47:06 | version 1.23, 2007/03/06 14:54:53 | ||
---|---|---|---|
|
|
||
<li>New functionality: | <li>New functionality: | ||
<ul> | <ul> | ||
<li>the IP_RECVTTL | <li>the IP_RECVTTL | ||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=moscom&sektion=4">ip(4)</a> | <a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=ip&sektion=4">ip(4)</a> | ||
socket option allows programs to receive the incoming ttl on raw and udp sockets. | socket option allows programs to receive the incoming ttl on raw and udp sockets. | ||
<li>the IP_MINTTL | <li>the IP_MINTTL | ||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=moscom&sektion=4">ip(4)</a> | <a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=ip&sektion=4">ip(4)</a> | ||
socket option allows programs to ask the kernel to discard any packets with a ttl | socket option allows programs to ask the kernel to discard any packets with a ttl | ||
smaller than the given one, for implementing the IP TLL security hack aka the Generalized | smaller than the given one, for implementing the IP TLL security hack aka the Generalized | ||
TTL Security Mechanism specified in RFC 3682. | TTL Security Mechanism specified in RFC 3682. | ||
<li>multiple, independent routing tables, with | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pf&sektion=4">pf(4)</a> | |||
acting as selector. | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=route&sektion=8">route(8)</a> | |||
can be told which table to work with now, and routing daemons have been modified to | |||
cope as well. | |||
<li>the | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pflog&sektion=4">pflog(4)</a> | |||
interface is now clonable. | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pf&sektion=4">pf(4)</a> | |||
can log to multiple pflog interfaces now, each rule can specify which pflog interface | |||
to log to. | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pflogd&sektion=8">pflogd(8)</a> and | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=spamlogd&sektion=8">spamlogd(8)</a> | |||
can now be told which pflog interface to work with. | |||
<li>the | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pfsync&sektion=4">pfsync(4)</a> | |||
interface is now clonable as well, thus only there when actually needed. | |||
</ul> | </ul> | ||
<p> | <p> | ||
<li>Assorted improvements and code cleanup: | <li>Assorted improvements and code cleanup: | ||
<ul> | <ul> |