From owner-freebsd-security@FreeBSD.ORG  Sat Sep  3 18:05:11 2011
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BB4DF106566C
	for <freebsd-security@freebsd.org>;
	Sat,  3 Sep 2011 18:05:11 +0000 (UTC)
	(envelope-from sidetripping@gmail.com)
Received: from mail-fx0-f54.google.com (mail-fx0-f54.google.com
	[209.85.161.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 515CF8FC13
	for <freebsd-security@freebsd.org>;
	Sat,  3 Sep 2011 18:05:11 +0000 (UTC)
Received: by fxe4 with SMTP id 4so3288608fxe.13
	for <freebsd-security@freebsd.org>;
	Sat, 03 Sep 2011 11:05:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:date:message-id:subject:from:to:content-type;
	bh=EOkFvSEh9yUsmKFpsEjhbfk1WMOjyb/SvSFFyQmJpAU=;
	b=wdDhrDeZqOZun/1J91CbXsXfJtTzGyR5cqsDxYmSis3/4KwWw/0iyrab7LWOPumeJr
	neNxNeLOtNJKYvV70DnWFm6yyu8I0HJd6PoMzvNL02voSArbWwTHkVbOrvIj8pjgNw6j
	sLzZCNs/3on58Mhm5HFyewbOuTWzGQAyvjx3M=
MIME-Version: 1.0
Received: by 10.223.26.20 with SMTP id b20mr152396fac.50.1315071157289; Sat,
	03 Sep 2011 10:32:37 -0700 (PDT)
Received: by 10.152.23.10 with HTTP; Sat, 3 Sep 2011 10:32:37 -0700 (PDT)
Date: Sat, 3 Sep 2011 19:32:37 +0200
Message-ID: <CAASvXNtmEuiOz_KD-isb6dhkRhjkWaarEvOQ_wa+ptNe8=WsNA@mail.gmail.com>
From: ian ivy <sidetripping@gmail.com>
To: freebsd-security@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
X-Mailman-Approved-At: Sat, 03 Sep 2011 19:22:07 +0000
Subject: Which algorithm is used for IP fragmentation ID?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Sep 2011 18:05:11 -0000

Hello everyone. It is my first post on this mailinglist.

As we know in FreeBSD there is the pseudo random
number generator (PRNG) for random IP fragmentation ID.
It is available when "net.inet.ip.random_id" sysctl variable is
set to 1 (default 0). I would like to know, which algorithm (X2,
X3 or A0 or another one) is used in FreeBSD 8.1-RELEASE or
better in 8 branch?

Which algorithm is used in FreeBSD for packet filtering
(IP packet normalization, or e.g. scrub on $ext_if ... random-id
for the PF ruleset), pfsync interface protocol and (if the kernel  flag
"net.inet.ip.random_id" is set to 1) for "regular" IP traffic
(with TCP/UDP), IP multicast routing... etc?


Best regards!