From owner-cvs-src@FreeBSD.ORG  Mon Aug 22 16:13:10 2005
Return-Path: <owner-cvs-src@FreeBSD.ORG>
X-Original-To: cvs-src@FreeBSD.org
Delivered-To: cvs-src@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E7DB316A41F;
	Mon, 22 Aug 2005 16:13:09 +0000 (GMT)
	(envelope-from andre@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B8B6E43D55;
	Mon, 22 Aug 2005 16:13:09 +0000 (GMT)
	(envelope-from andre@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j7MGD9Co044693;
	Mon, 22 Aug 2005 16:13:09 GMT
	(envelope-from andre@repoman.freebsd.org)
Received: (from andre@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j7MGD99U044692;
	Mon, 22 Aug 2005 16:13:09 GMT (envelope-from andre)
Message-Id: <200508221613.j7MGD99U044692@repoman.freebsd.org>
From: Andre Oppermann <andre@FreeBSD.org>
Date: Mon, 22 Aug 2005 16:13:09 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: src/sys/netinet in.h in_pcb.h ip_output.c raw_ip.c
 tcp_input.c udp_usrreq.c
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Aug 2005 16:13:10 -0000

andre       2005-08-22 16:13:09 UTC

  FreeBSD src repository

  Modified files:
    sys/netinet          in.h in_pcb.h ip_output.c raw_ip.c 
                         tcp_input.c udp_usrreq.c 
  Log:
  Add socketoption IP_MINTTL.  May be used to set the minimum acceptable
  TTL a packet must have when received on a socket.  All packets with a
  lower TTL are silently dropped.  Works on already connected/connecting
  and listening sockets for RAW/UDP/TCP.
  
  This option is only really useful when set to 255 preventing packets
  from outside the directly connected networks reaching local listeners
  on sockets.
  
  Allows userland implementation of 'The Generalized TTL Security Mechanism
  (GTSM)' according to RFC3682.  Examples of such use include the Cisco IOS
  BGP implementation command "neighbor ttl-security".
  
  MFC after:      2 weeks
  Sponsored by:   TCP/IP Optimization Fundraise 2005
  
  Revision  Changes    Path
  1.91      +1 -0      src/sys/netinet/in.h
  1.81      +1 -0      src/sys/netinet/in_pcb.h
  1.245     +14 -0     src/sys/netinet/ip_output.c
  1.151     +3 -0      src/sys/netinet/raw_ip.c
  1.282     +5 -0      src/sys/netinet/tcp_input.c
  1.176     +3 -0      src/sys/netinet/udp_usrreq.c