From: "Jonathan T. Looney"
Date: Tue, 14 Aug 2018 17:36:21 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r337788 - head/share/man/man4

Author: jtl
Date: Tue Aug 14 17:36:21 2018
New Revision: 337788
URL: https://svnweb.freebsd.org/changeset/base/337788

Log:
  Update the inet(4) and inet6(4) man pages to reflect the changes made to
  the reassembly code in r337778, r337780, r337781, r337782, and r337783.

  Security: FreeBSD-SA-18:10.ip
  Security: CVE-2018-6923

Modified:
  head/share/man/man4/inet.4
  head/share/man/man4/inet6.4

Modified: head/share/man/man4/inet.4 ============================================================================== --- head/share/man/man4/inet.4 Tue Aug 14 17:32:07 2018 (r337787) +++ head/share/man/man4/inet.4 Tue Aug 14 17:36:21 2018 (r337788) @@ -28,7 +28,7 @@ .\" From: @(#)inet.4 8.1 (Berkeley) 6/5/93 .\" $FreeBSD$ .\" -.Dd Feb 4, 2016 +.Dd August 14, 2018 .Dt INET 4 .Os .Sh NAME 
@@ -229,15 +229,38 @@ At the same time, on high-speed links, it can decrease cycle greatly. Default is 0 (sequential IP IDs). IPv6 flow IDs and fragment IDs are always random. +.It Va ip.maxfrags +Integer: maximum number of fragments the host will accept and simultaneously +hold across all reassembly queues in all VNETs. +If set to 0, reassembly is disabled. +If set to -1, this limit is not applied. +This limit is recalculated when the number of mbuf clusters is changed. +This is a global limit. .It Va ip.maxfragpackets -Integer: maximum number of fragmented packets the host will accept and hold -in the reassembling queue simultaneously. -0 means that the host will not accept any fragmented packets. -\-1 means that the host will accept as many fragmented packets as it receives. +Integer: maximum number of fragmented packets the host will accept and +simultaneously hold in the reassembly queue for a particular VNET. +0 means that the host will not accept any fragmented packets for that VNET. +\-1 means that the host will not apply this limit for that VNET. +This limit is recalculated when the number of mbuf clusters is changed. +This is a per-VNET limit. +.It Va ip.maxfragbucketsize +Integer: maximum number of reassembly queues per bucket. +Fragmented packets are hashed to buckets. +Each bucket has a list of reassembly queues. +The system must compare the incoming packets to the existing reassembly queues +in the bucket to find a matching reassembly queue. +To preserve system resources, the system limits the number of reassembly +queues allowed in each bucket. +This limit is recalculated when the number of mbuf clusters is changed or +when the value of +.Va ip.maxfragpackets +changes. +This is a per-VNET limit. .It Va ip.maxfragsperpacket Integer: maximum number of fragments the host will accept and hold -in the reassembling queue for a packet. -0 means that the host will not accept any fragmented packets. +in the reassembly queue for a packet. 
+0 means that the host will not accept any fragmented packets for the VNET. +This is a per-VNET limit. .El .Sh SEE ALSO .Xr ioctl 2 , Modified: head/share/man/man4/inet6.4 ============================================================================== --- head/share/man/man4/inet6.4 Tue Aug 14 17:32:07 2018 (r337787) +++ head/share/man/man4/inet6.4 Tue Aug 14 17:36:21 2018 (r337788) @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd September 2, 2009 +.Dd August 14, 2018 .Dt INET6 4 .Os .Sh NAME 
@@ -219,12 +219,41 @@ packets. This value applies to all the transport protocols on top of .Tn IPv6 . There are APIs to override the value. +.It Dv IPV6CTL_MAXFRAGS +.Pq ip6.maxfrags +Integer: maximum number of fragments the host will accept and simultaneously +hold across all reassembly queues in all VNETs. +If set to 0, fragment reassembly is disabled. +If set to -1, this limit is not applied. +This limit is recalculated when the number of mbuf clusters is changed. +This is a global limit. .It Dv IPV6CTL_MAXFRAGPACKETS .Pq ip6.maxfragpackets -Integer: default maximum number of fragmented packets the node will accept. -0 means that the node will not accept any fragmented packets. --1 means that the node will accept as many fragmented packets as it receives. -The flag is provided basically for avoiding possible DoS attacks. +Integer: maximum number of fragmented packets the node will accept and +simultaneously hold in the reassembly queue for a particular VNET. +0 means that the node will not accept any fragmented packets for that VNET. +-1 means that the node will not apply this limit for that VNET. +This limit is recalculated when the number of mbuf clusters is changed. +This is a per-VNET limit. +.It Dv IPV6CTL_MAXFRAGBUCKETSIZE +.Pq ip6.maxfragbucketsize +Integer: maximum number of reassembly queues per bucket. +Fragmented packets are hashed to buckets. +Each bucket has a list of reassembly queues. +The system must compare the incoming packets to the existing reassembly queues +in the bucket to find a matching reassembly queue. +To preserve system resources, the system limits the number of reassembly +queues allowed in each bucket. +This limit is recalculated when the number of mbuf clusters is changed or +when the value of +.Va ip6.maxfragpackets +changes. +This is a per-VNET limit. +.It Dv IPV6CTL_MAXFRAGSPERPACKET +.Pq ip6.maxfragsperpacket +Integer: maximum number of fragments the host will accept and hold in the +ressembly queue for a packet. 
+This is a per-VNET limit. .It Dv IPV6CTL_ACCEPT_RTADV .Pq ip6.accept_rtadv Boolean: the default value of a per-interface flag to
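Review bot: In the inet.4 hunk at @@ -229,15 +229,38 @@, the new ip.maxfrags entry writes the sentinel as a bare "-1" ("+If set to -1, this limit is not applied.") while the ip.maxfragpackets entry just below keeps the page's existing mdoc form "\-1" ("+\-1 means that the host will not apply this limit for that VNET."); use "\-1" in both so the minus sign renders the same way throughout the page. The two entries also describe the same 0 / \-1 semantics in different words ("If set to 0, reassembly is disabled." versus "0 means that the host will not accept any fragmented packets for that VNET."); phrasing them in parallel would make it obvious that the global and per-VNET limits are tuned the same way. Lastly, ip.maxfragsperpacket says "for the VNET" where every other entry in the hunk says "for that VNET".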
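Review bot: In the inet6.4 hunk at @@ -219,12 +219,41 @@, the new IPV6CTL_MAXFRAGSPERPACKET entry misspells "reassembly" as "ressembly" ("+ressembly queue for a packet."). The same entry also lacks the "0 means that the host will not accept any fragmented packets for the VNET." sentence that this commit adds to the parallel ip.maxfragsperpacket entry in inet.4, so the meaning of 0 is documented for IPv4 but not for IPv6; adding the matching line keeps the two pages in step. The rewritten ip6.maxfragpackets text drops "The flag is provided basically for avoiding possible DoS attacks." without stating the purpose anywhere else in that entry; a sentence that these limits exist to preserve system resources, as the new ip6.maxfragbucketsize entry already says, would help readers who are tuning them after FreeBSD-SA-18:10.ip. Minor: inet6.4 uses a bare "-1" where inet.4 uses the mdoc "\-1"; the escaped form is preferable for consistent rendering.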