[src/netbsd-1-4]: src/sys/netinet Pull up revision 1.53 (via patch, requested...

[he <he%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/dd79f3c17866
branches:  netbsd-1-4
changeset: 471299:dd79f3c17866
user:      he <he%NetBSD.org@localhost>
date:      Wed May 30 09:43:49 2001 +0000

description:
Pull up revision 1.53 (via patch, requested by he):
  Introduce net.inet.ip.maxfragpackets, which controls the maximum
  number of IPv4 fragment reassembly queue entries.  Defends against
  certain DoS attacks.  Fixes SA#2001-006.

diffstat:

 sys/netinet/in.h |  11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)

diffs (32 lines):

diff -r d1064e0a5919 -r dd79f3c17866 sys/netinet/in.h
--- a/sys/netinet/in.h  Sat May 26 15:01:29 2001 +0000
+++ b/sys/netinet/in.h  Wed May 30 09:43:49 2001 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in.h,v 1.39 1998/09/14 21:15:56 hwr Exp $      */
+/*     $NetBSD: in.h,v 1.39.6.1 2001/05/30 09:43:49 he Exp $   */
 
 /*
  * Copyright (c) 1982, 1986, 1990, 1993
@@ -297,7 +297,9 @@
 #define        IPCTL_ANONPORTMAX      11       /* maximum ephemeral port */
 #define        IPCTL_MTUDISCTIMEOUT   12       /* allow path MTU discovery */
 #define        IPCTL_MAXFLOWS         13       /* maximum ip flows allowed */
-#define        IPCTL_MAXID            14
+/* 14 to 17: assigned after 1.4 was branched */
+#define        IPCTL_MAXFRAGPACKETS   18       /* max packets reassembly queue */
+#define        IPCTL_MAXID            19
 
 #define        IPCTL_NAMES { \
        { 0, 0 }, \
@@ -314,6 +316,11 @@
        { "anonportmax", CTLTYPE_INT }, \
        { "mtudisctimeout", CTLTYPE_INT }, \
        { "maxflows", CTLTYPE_INT }, \
+       { 0, 0 }, \
+       { 0, 0 }, \
+       { 0, 0 }, \
+       { 0, 0 }, \
+       { "maxfragpackets", CTLTYPE_INT }, \
 }
 #endif /* !_XOPEN_SOURCE */