Code Review / vpp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: b388e1a) | patch
reassembly: prevent long chain attack 43/19643/3
authorKlement Sekera <ksekera@cisco.com>
Thu, 16 May 2019 12:35:46 +0000 (14:35 +0200)
committerOle Trøan <otroan@employees.org>
Mon, 20 May 2019 12:13:11 +0000 (12:13 +0000)
commit3a343d42d7bd90753ea6ed48fe750a7a209b1ddf
treeba831c36c69365d67a2d20d7a6d447b831a1b88etree | snapshot
parentb388e1a50603a07e20007141221ca4f4a18ab698commit | diff
reassembly: prevent long chain attack

limit max # of fragments to 3 per packet by default
add API option to configure the limit at runtime

Change-Id: Ie4b9507bf5c6095b9a5925972b37fe0032f4f9e8
Signed-off-by: Klement Sekera <ksekera@cisco.com>
src/vnet/ip/ip.api diff | blob | history
src/vnet/ip/ip4_error.h diff | blob | history
src/vnet/ip/ip4_reassembly.c diff | blob | history
src/vnet/ip/ip4_reassembly.h diff | blob | history
src/vnet/ip/ip6_error.h diff | blob | history
src/vnet/ip/ip6_reassembly.c diff | blob | history
src/vnet/ip/ip6_reassembly.h diff | blob | history
src/vnet/ip/ip_api.c diff | blob | history
test/framework.py diff | blob | history
test/test_ipip.py diff | blob | history
test/test_reassembly.py diff | blob | history
Vector Packet Processing