svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf

Gleb Smirnoff glebius at FreeBSD.org
Fri Apr 3 11:27:34 UTC 2015


On Fri, Apr 03, 2015 at 11:24:08AM +0200, Hans Petter Selasky wrote:
H> What's described there is entirely about Peer2Peer communication. What 
H> I'm describing is broadcast for the whole system or firewall. Don't you 
H> understand that the IP ID counter is _linearly_ adding up and feeding 
H> back the sum to the source? It is like a radio channel for the whole 
H> firewall. Do you know how analog modems work? I have other things to do 
H> this Easter and I don't want to spend more time with this either. I 
H> think the people responsible in the IP-stack area should make a fix. The 
H> IP ID must be randomized much more than it is today.

Please put

net.inet.ip.random_id=1

into your /etc/sysctl.conf, don't worry and be happy.

-- 
Totus tuus, Glebius.
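
The following is an added example, not part of the original message or of FreeBSD: a small audit check that classifies IPv4 ID values sampled from one of your own hosts as a shared linear counter or as randomized, which is the difference `net.inet.ip.random_id=1` is meant to make. The sample values, function names and thresholds are constructed assumptions.

```python
# Added example (not from the thread): audit sampled IPv4 ID values.
# Assumption: `ids` holds the IP ID of each reply to consecutive probes
# that you sent to a host you administer, in arrival order.

def id_deltas(ids):
    """Successive differences modulo 2**16; the IPv4 ID field is 16 bits."""
    return [(b - a) & 0xFFFF for a, b in zip(ids, ids[1:])]

def classify(ids, max_step=256, threshold=0.9):
    """Return 'sequential' if nearly all deltas are small forward steps.

    max_step and threshold are hypothetical tuning values: a busy host
    with a global counter still advances by small amounts between probes,
    while randomized IDs jump uniformly across the 16-bit space.
    """
    deltas = id_deltas(ids)
    if len(deltas) < 4:
        raise ValueError("need at least 5 samples to judge")
    small = sum(1 for d in deltas if 0 < d <= max_step)
    return "sequential" if small / len(deltas) >= threshold else "randomized"

def other_packets_exposed(ids):
    """With a shared linear counter, each delta minus one is the number of
    packets the host sent to everyone else between two of our probes.
    This is the system-wide leak the quoted message describes."""
    return sum(d - 1 for d in id_deltas(ids))

# Constructed samples. The first wraps past 65535 to show the modulo step.
COUNTER_SAMPLE = [65530, 65531, 65534, 65535, 3, 4, 9]
RANDOM_SAMPLE = [51234, 1207, 33981, 60002, 18, 27455, 9040]

if __name__ == "__main__":
    for name, sample in (("counter", COUNTER_SAMPLE), ("random", RANDOM_SAMPLE)):
        verdict = classify(sample)
        print(name, verdict, id_deltas(sample))
        if verdict == "sequential":
            print("  packets to other peers visible to observer:",
                  other_packets_exposed(sample))
```

A "sequential" verdict on a host that is supposed to have the sysctl set means the setting is not in effect for the path you sampled.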

