From: Giorgos Keramidas
To: Doug Barton
Cc: FreeBSD Net, Ivo Vachkov, bz@freebsd.org
Date: Sat, 05 Feb 2011 19:14:01 -0800
Subject: Re: Proposed patch for Port Randomization modifications according to RFC6056
List-Id: Networking and TCP/IP with FreeBSD

On Fri, 28 Jan 2011 11:00:40 -0800, Doug Barton wrote:
> I haven't reviewed the patch in detail yet but I wanted to first thank
> you for taking on this work, and being so responsive to Fernando's
> request (which I agreed with, and you updated before I even had a
> chance to say so). :)

Thanks from me too.

> My one comment so far is on the name of the sysctls. There are 2
> problems with sysctl/variable names that use an rfc title. The first is
> that they are not very descriptive to the 99.9% of users who are not
> familiar with that particular doc. The second is more esoteric, but if
> the rfc is subsequently updated or obsoleted we're stuck with either an
> anachronism or updating code (both of which have their potential areas
> of confusion).
>
> So in order to avoid this issue, and make it more consistent with the
> existing:
>
> net.inet.ip.portrange.randomtime
> net.inet.ip.portrange.randomcps
> net.inet.ip.portrange.randomized
>
> How does net.inet.ip.portrange.randomalg sound? I would also suggest
> that the second sysctl be named
> net.inet.ip.portrange.randomalg.alg5_tradeoff so that one could do
> 'sysctl net.inet.ip.portrange.randomalg' and see both values. But I won't
> quibble on that. :)

It's a usability issue too, so I'd certainly support renaming the
sysctls to something human-friendly. It's always bad enough to go
look at a search engine to find out what net.inet.rfc1234 means.
It's worse when RFC 1234 was obsoleted a few years ago and now
it's called RFC 54321.