Skip to content

L
linux
Commit 29cdd1db authored by Hideaki Yoshifuji's avatar Hideaki Yoshifuji Committed by David S. Miller
Browse files
Options

[IPV6]: Add ICMP6 rate limit sysctl.

parent 524354b4
Hide whitespace changes
Inline Side-by-side
Showing with 34 additions and 3 deletions
Documentation/networking/ip-sysctl.txt
View file @ 29cdd1db
...@@ -569,8 +569,14 @@ router_solicitations - INTEGER ...@@ -569,8 +569,14 @@ router_solicitations - INTEGER
routers are present. routers are present.
Default: 3 Default: 3
icmp/*:
ratelimit - INTEGER
Limit the maximal rates for sending ICMPv6 packets.
0 to disable any limiting, otherwise the maximal rate in jiffies(1)
Default: 100
IPv6 Update by: IPv6 Update by:
Pekka Savola Pekka Savola <pekkas@netcore.fi>
pekkas@netcore.fi YOSHIFUJI Hideaki / USAGI Project <yoshfuji@linux-ipv6.org>
$Id: ip-sysctl.txt,v 1.20 2001/12/13 09:00:18 davem Exp $ $Id: ip-sysctl.txt,v 1.20 2001/12/13 09:00:18 davem Exp $
include/linux/sysctl.h
View file @ 29cdd1db
...@@ -358,7 +358,8 @@ enum { ...@@ -358,7 +358,8 @@ enum {
NET_IPV6_CONF=16, NET_IPV6_CONF=16,
NET_IPV6_NEIGH=17, NET_IPV6_NEIGH=17,
NET_IPV6_ROUTE=18, NET_IPV6_ROUTE=18,
NET_IPV6_BINDV6ONLY=20, NET_IPV6_ICMP=19,
NET_IPV6_BINDV6ONLY=20
}; };
enum { enum {
...@@ -386,6 +387,11 @@ enum { ...@@ -386,6 +387,11 @@ enum {
NET_IPV6_RTR_SOLICIT_DELAY=10 NET_IPV6_RTR_SOLICIT_DELAY=10
}; };
/* /proc/sys/net/ipv6/icmp */
enum {
NET_IPV6_ICMP_RATELIMIT=1
};
/* /proc/sys/net/<protocol>/neigh/<dev> */ /* /proc/sys/net/<protocol>/neigh/<dev> */
enum { enum {
NET_NEIGH_MCAST_SOLICIT=1, NET_NEIGH_MCAST_SOLICIT=1,
......
net/ipv6/icmp.c
View file @ 29cdd1db
...@@ -25,6 +25,7 @@ ...@@ -25,6 +25,7 @@
* add more length checks and other fixes. * add more length checks and other fixes.
* yoshfuji : ensure to sent parameter problem for * yoshfuji : ensure to sent parameter problem for
* fragments. * fragments.
* YOSHIFUJI Hideaki @USAGI: added sysctl for icmp rate limit.
*/ */
#define __NO_VERSION__ #define __NO_VERSION__
...@@ -40,6 +41,10 @@ ...@@ -40,6 +41,10 @@
#include <linux/skbuff.h> #include <linux/skbuff.h>
#include <linux/init.h> #include <linux/init.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
#endif
#include <linux/inet.h> #include <linux/inet.h>
#include <linux/netdevice.h> #include <linux/netdevice.h>
#include <linux/icmpv6.h> #include <linux/icmpv6.h>
...@@ -697,3 +702,12 @@ int icmpv6_err_convert(int type, int code, int *err) ...@@ -697,3 +702,12 @@ int icmpv6_err_convert(int type, int code, int *err)
return fatal; return fatal;
} }
#ifdef CONFIG_SYSCTL
ctl_table ipv6_icmp_table[] = {
{NET_IPV6_ICMP_RATELIMIT, "ratelimit",
&sysctl_icmpv6_time, sizeof(int), 0644, NULL, &proc_dointvec},
{0},
};
#endif
net/ipv6/sysctl_net_ipv6.c
View file @ 29cdd1db
/* /*
* sysctl_net_ipv6.c: sysctl interface to net IPV6 subsystem. * sysctl_net_ipv6.c: sysctl interface to net IPV6 subsystem.
*
* Changes:
* YOSHIFUJI Hideaki @USAGI: added icmp sysctl table.
*/ */
#include <linux/mm.h> #include <linux/mm.h>
...@@ -12,11 +15,13 @@ ...@@ -12,11 +15,13 @@
#include <net/addrconf.h> #include <net/addrconf.h>
extern ctl_table ipv6_route_table[]; extern ctl_table ipv6_route_table[];
extern ctl_table ipv6_icmp_table[];
#ifdef CONFIG_SYSCTL #ifdef CONFIG_SYSCTL
ctl_table ipv6_table[] = { ctl_table ipv6_table[] = {
{NET_IPV6_ROUTE, "route", NULL, 0, 0555, ipv6_route_table}, {NET_IPV6_ROUTE, "route", NULL, 0, 0555, ipv6_route_table},
{NET_IPV6_ICMP, "icmp", NULL, 0, 0500, ipv6_icmp_table},
{NET_IPV6_BINDV6ONLY, "bindv6only", {NET_IPV6_BINDV6ONLY, "bindv6only",
&sysctl_ipv6_bindv6only, sizeof(int), 0644, NULL, &proc_dointvec}, &sysctl_ipv6_bindv6only, sizeof(int), 0644, NULL, &proc_dointvec},
{0} {0}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7