Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-17 01:22:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
27cf6a6e69
linux/net/ipv4
History
Eric Dumazet cd8ae85299 tcp: provide SYN headers for passive connections 
This patch allows a server application to get the TCP SYN headers for
its passive connections.  This is useful if the server is doing
fingerprinting of clients based on SYN packet contents.

Two socket options are added: TCP_SAVE_SYN and TCP_SAVED_SYN.

The first is used on a socket to enable saving the SYN headers
for child connections. This can be set before or after the listen()
call.

The latter is used to retrieve the SYN headers for passive connections,
if the parent listener has enabled TCP_SAVE_SYN.

TCP_SAVED_SYN is read once, it frees the saved SYN headers.

The data returned in TCP_SAVED_SYN are network (IPv4/IPv6) and TCP
headers.

Original patch was written by Tom Herbert, I changed it to not hold
a full skb (and associated dst and conntracking reference).

We have used such patch for about 3 years at Google.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Tested-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-05-05 16:02:34 -04:00
..
netfilter netfilter: nf_tables: switch registers to 32 bit addressing 2015-04-13 17:17:29 +02:00
af_inet.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
ah4.c ipsec: Remove obsolete MAX_AH_AUTH_LEN 2014-09-18 10:54:36 +02:00
arp.c netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
cipso_ipv4.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
datagram.c
devinet.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
esp4.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
fib_frontend.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-04-06 22:34:15 -04:00
fib_lookup.h ipv4: FIB Local/MAIN table collapse 2015-03-11 16:22:14 -04:00
fib_rules.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
fib_semantics.c ipv4: remove the unnecessary codes in fib_info_hash_move 2015-05-02 22:17:44 -04:00
fib_trie.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
fou.c fou: avoid missing unlock in failure path 2015-04-16 12:11:19 -04:00
geneve.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-04-14 15:44:14 -04:00
gre_demux.c net: Fix GRE RX to use skb_transport_header for GRE header offset 2014-09-08 15:23:05 -07:00
gre_offload.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
icmp.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
igmp.c net: Export IGMP/MLD message validation code 2015-05-04 14:49:23 -04:00
inet_connection_sock.c inet: fix possible panic in reqsk_queue_unlink() 2015-04-24 11:39:15 -04:00
inet_diag.c tcp: prepare CC get_info() access from getsockopt() 2015-04-29 17:10:38 -04:00
inet_fragment.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
inet_hashtables.c tcp/dccp: get rid of central timewait timer 2015-04-13 16:40:05 -04:00
inet_lro.c
inet_timewait_sock.c tcp/dccp: get rid of central timewait timer 2015-04-13 16:40:05 -04:00
inetpeer.c inet: remove dead inetpeer sequence code 2014-09-08 16:42:42 -07:00
ip_forward.c ip_forward: Drop frames with attached skb->sk 2015-04-20 14:07:33 -04:00
ip_fragment.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
ip_gre.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
ip_input.c netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
ip_options.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
ip_output.c net: remove extra newlines 2015-04-07 22:24:37 -04:00
ip_sockglue.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
ip_tunnel_core.c ipv4: ip_tunnel: use net namespace from rtable not socket 2015-04-08 12:09:42 -04:00
ip_tunnel.c udp_tunnel: Pass UDP socket down through udp_tunnel{, 6}_xmit_skb(). 2015-04-07 15:29:08 -04:00
ip_vti.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
ipcomp.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
ipconfig.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
ipip.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
ipmr.c netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
Kconfig net: Move fou_build_header into fou.c and refactor 2014-11-05 16:30:02 -05:00
Makefile net: Add Geneve tunneling protocol driver 2014-10-06 00:32:20 -04:00
netfilter.c netfilter: Use nf_hook_state in nf_queue_entry. 2015-04-04 12:25:22 -04:00
ping.c ipv4: Missing sk_nulls_node_init() in ping_unhash(). 2015-05-01 22:02:47 -04:00
proc.c tcp/dccp: get rid of central timewait timer 2015-04-13 16:40:05 -04:00
protocol.c net: Export inet_offloads and inet6_offloads 2014-09-19 17:15:31 -04:00
raw.c Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-13 18:18:05 -04:00
route.c net: ipv4: route: Fix sending IGMP messages with link address 2015-05-04 00:04:08 -04:00
syncookies.c tcp: fix ipv4 mapped request socks 2015-03-25 00:57:48 -04:00
sysctl_net_ipv4.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
tcp_bic.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_cong.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-03-20 18:51:09 -04:00
tcp_cubic.c tcp: restore 1.5x per RTT limit to CUBIC cwnd growth in congestion avoidance 2015-03-11 16:51:51 -04:00
tcp_dctcp.c tcp: prepare CC get_info() access from getsockopt() 2015-04-29 17:10:38 -04:00
tcp_diag.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
tcp_fastopen.c tcp: add tcpi_bytes_received to tcp_info 2015-04-29 17:10:37 -04:00
tcp_highspeed.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_htcp.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_hybla.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_illinois.c tcp: prepare CC get_info() access from getsockopt() 2015-04-29 17:10:38 -04:00
tcp_input.c tcp: provide SYN headers for passive connections 2015-05-05 16:02:34 -04:00
tcp_ipv4.c tcp: provide SYN headers for passive connections 2015-05-05 16:02:34 -04:00
tcp_lp.c
tcp_memcontrol.c memcg: cleanup static keys decrement 2015-02-12 18:54:10 -08:00
tcp_metrics.c tcp: RFC7413 option support for Fast Open client 2015-04-07 18:36:39 -04:00
tcp_minisocks.c tcp: provide SYN headers for passive connections 2015-05-05 16:02:34 -04:00
tcp_offload.c tcp: cleanup static functions 2015-02-28 16:56:51 -05:00
tcp_output.c tcp: avoid looping in tcp_send_fin() 2015-04-24 11:06:48 -04:00
tcp_probe.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_scalable.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_timer.c tcp: RFC7413 option support for Fast Open client 2015-04-07 18:36:39 -04:00
tcp_vegas.c tcp: prepare CC get_info() access from getsockopt() 2015-04-29 17:10:38 -04:00
tcp_vegas.h tcp: prepare CC get_info() access from getsockopt() 2015-04-29 17:10:38 -04:00
tcp_veno.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_westwood.c tcp_westwood: fix tcp_westwood_info() 2015-04-30 00:27:44 -04:00
tcp_yeah.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp.c tcp: provide SYN headers for passive connections 2015-05-05 16:02:34 -04:00
tunnel4.c
udp_diag.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
udp_impl.h net: Remove iocb argument from sendmsg and recvmsg 2015-03-02 13:06:31 -05:00
udp_offload.c ipv4: coding style: comparison for inequality with NULL 2015-04-03 12:11:15 -04:00
udp_tunnel.c udp_tunnel: Pass UDP socket down through udp_tunnel{, 6}_xmit_skb(). 2015-04-07 15:29:08 -04:00
udp.c net: remove extra newlines 2015-04-07 22:24:37 -04:00
udplite.c
xfrm4_input.c netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c ipv4: hash net ptr into fragmentation bucket selection 2015-03-25 14:07:04 -04:00
xfrm4_output.c netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
xfrm4_policy.c ipv4: coding style: comparison for equality with NULL 2015-04-03 12:11:15 -04:00
xfrm4_protocol.c
xfrm4_state.c
xfrm4_tunnel.c