diff options
author | Daniel Borkmann <dborkman@redhat.com> | 2013-12-22 04:15:38 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-01-04 00:37:23 +0100 |
commit | 3cefc136d13f426fd68808ddfd39ada0c90f23db (patch) | |
tree | 536defe8f11cb6400f23ed30663f39485f929776 /extensions/libxt_mac.man | |
parent | 0bb8765cc28cf1ddde70f3f5bfed96a067b1ead3 (diff) |
iptables: snat: add randomize-full support
This patch provides the userspace part for snat in order to make
randomize-full support available in {ip,nf}tables. It allows for
enabling full port randomization that was motivated in [1] and
introduced to the kernel in [2].
Joint work between Hannes Frederic Sowa and Daniel Borkmann.
[1] https://sites.google.com/site/hayashulman/files/NIC-derandomisation.pdf
[2] http://patchwork.ozlabs.org/patch/304306/
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libxt_mac.man')
0 files changed, 0 insertions, 0 deletions