lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 17 Dec 2008 14:44:58 -0600
From:	Kris Katterjohn <katterjohn@...il.com>
To:	netdev <netdev@...r.kernel.org>
Subject: [PATCH] IPv4 raw_hdrincl_nomangle sysctl

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey everyone,

Sometimes it's just plain useful to be able to build full bogus IP packets and
be able to send them, such as to see how different pieces of software react to
them.  This is an interest of mine.

I've attached a patch to add a net.ipv4.raw_hdrincl_nomangle sysctl (defaults
to 0) to control whether or not Linux changes the header passed using
IP_HDRINCL (checksum, IPID, etc).  This way it's not required to build a
special kernel simply to have control over what you send.  This was needed,
for example, in this discussion[1] on Nmap's packet handling.

I'm obviously not a regular kernel developer, so any hints on making this
patch better would be much appreciated.  It works great for me, though, and
it's quite simple.

Thanks,
Kris Katterjohn

[1] http://seclists.org/nmap-dev/2008/q4/index.html#543


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIcBAEBAgAGBQJJSWTFAAoJEP9K37xXYl36F/kP/jfoLpeA7T4c2mSKcdIRMDDf
FLhuxCeqK3TnKPopRL5PBe0r1JJOGrYjQkdtOoajbWIa6nFNZ1l4GA3S7qrs+kXU
VnTV6qA2VIiDH/SgfWj6lOcHLhCAePnQYukl1fcYnhSgiwNDXSjav+LudlyN2oRa
/yJMgceVsvS3vP31Y9U2Go6RlxcCAxqwLnkepbzCpStzM93cIXiTwSOwhTqP0k9c
seZ5vhYGdVL/uoCkztGoEkdxpt1FBnS8UQsF8ljbo0GvTsz3ojWRpYq0Z15/ZT+c
y/bdR1HwCCHNss6Wxda4RDrRbDRgGzz+MfqWtEDCA/nKD74aMYAQtz/3iG5hMn2z
m46qNQ1OyYQqebU8zHMHTNBilkRNTIUvvzu9LdgY2axxzb/2GoJYrMXPAiqrc9Jf
CeVBk7yrIAaA5HqaXUzmwzZTWqWSUwkrUtjnJ9jiCY7iQY+kLyh6IdvwrIZF6oZ2
yBlrSyuGgtnQnCyUS3zvHA2VJhvinGIL8RWFxZhS+DD7ODKzZfsllm/7bkORvjGl
0YmciQGWTnr4pJaYCK87n16lqvw98t5UTMtPmtQxHbyWkAOTPSQYvbIH+5wS9qvJ
Llppo6TFJSS9E4YX+IkAcS3452zSb8ySxM2u1UHt40GvPbodFmx7btKxtClsGX1u
5SZnaWxHcgdSk20sxd2N
=sbTx
-----END PGP SIGNATURE-----

View attachment "rawsysctl.patch" of type "text/x-diff" (1559 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ