net: add sysctl for enabling RFC 8335 PROBE messages

Section 8 of RFC 8335 specifies potential security concerns of responding to PROBE requests, and states that nodes that support PROBE functionality MUST be able to enable/disable responses and that responses MUST be disabled by default Signed-off-by: Andreas Roeseler <andreas.a.roeseler@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Andreas Roeseler <andreas.a.roeseler@gmail.com> 2021-03-30 03:45:29 +0200
committer: David S. Miller <davem@davemloft.net> 2021-03-30 22:29:39 +0200
commit: f1b8fa9fa5865c58c093cde6d782104c22df9088 (patch)
tree: ef07fd170fd9cbc12478bf4dc4a28882054aaa45 /include/net/netns/ipv4.h
parent: ICMPV6: add support for RFC 8335 PROBE (diff)
download: linux-f1b8fa9fa5865c58c093cde6d782104c22df9088.tar.xz
linux-f1b8fa9fa5865c58c093cde6d782104c22df9088.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index d377266d133f..9c8dd424d79b 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -84,6 +84,7 @@ struct netns_ipv4 {
 #endif
 
 	u8 sysctl_icmp_echo_ignore_all;
+	u8 sysctl_icmp_echo_enable_probe;
 	u8 sysctl_icmp_echo_ignore_broadcasts;
 	u8 sysctl_icmp_ignore_bogus_error_responses;
 	u8 sysctl_icmp_errors_use_inbound_ifaddr;
author	Andreas Roeseler <andreas.a.roeseler@gmail.com>	2021-03-30 03:45:29 +0200
committer	David S. Miller <davem@davemloft.net>	2021-03-30 22:29:39 +0200
commit	f1b8fa9fa5865c58c093cde6d782104c22df9088 (patch)
tree	ef07fd170fd9cbc12478bf4dc4a28882054aaa45 /include/net/netns/ipv4.h
parent	ICMPV6: add support for RFC 8335 PROBE (diff)
download	linux-f1b8fa9fa5865c58c093cde6d782104c22df9088.tar.xz linux-f1b8fa9fa5865c58c093cde6d782104c22df9088.zip