summaryrefslogtreecommitdiffhomepage
path: root/server/sockopt_bsd.go
diff options
context:
space:
mode:
authorIWASE Yusuke <iwase.yusuke0@gmail.com>2017-06-21 09:04:28 +0900
committerFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>2017-06-23 18:13:19 +0900
commit613d8a1e9378bf13ffe98b72d6c2b8069c282003 (patch)
tree3722796ca016873de509c267e74ede89cf54012c /server/sockopt_bsd.go
parent5bb427a994989f97570ddfc7200a884e57e5530b (diff)
server/sockopt: Support to set minimum TTL
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Diffstat (limited to 'server/sockopt_bsd.go')
-rw-r--r--server/sockopt_bsd.go33
1 files changed, 24 insertions, 9 deletions
diff --git a/server/sockopt_bsd.go b/server/sockopt_bsd.go
index 62514edb..a9f9d61f 100644
--- a/server/sockopt_bsd.go
+++ b/server/sockopt_bsd.go
@@ -25,7 +25,8 @@ import (
)
const (
- TCP_MD5SIG = 0x10
+ TCP_MD5SIG = 0x10 // TCP MD5 Signature (RFC2385)
+ IPV6_MINHOPCOUNT = 73 // Generalized TTL Security Mechanism (RFC5082)
)
func SetTcpMD5SigSockopts(l *net.TCPListener, address string, key string) error {
@@ -49,13 +50,7 @@ func SetTcpMD5SigSockopts(l *net.TCPListener, address string, key string) error
return nil
}
-func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error {
- level := syscall.IPPROTO_IP
- name := syscall.IP_TTL
- if strings.Contains(conn.RemoteAddr().String(), "[") {
- level = syscall.IPPROTO_IPV6
- name = syscall.IPV6_UNICAST_HOPS
- }
+func setTcpSockoptInt(conn *net.TCPConn, level int, name int, value int) error {
fi, err := conn.File()
defer fi.Close()
if err != nil {
@@ -64,7 +59,27 @@ func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error {
if conn, err := net.FileConn(fi); err == nil {
defer conn.Close()
}
- return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(int(fi.Fd()), level, name, ttl))
+ return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(int(fi.Fd()), level, name, value))
+}
+
+func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error {
+ level := syscall.IPPROTO_IP
+ name := syscall.IP_TTL
+ if strings.Contains(conn.RemoteAddr().String(), "[") {
+ level = syscall.IPPROTO_IPV6
+ name = syscall.IPV6_UNICAST_HOPS
+ }
+ return setTcpSockoptInt(conn, level, name, ttl)
+}
+
+func SetTcpMinTTLSockopts(conn *net.TCPConn, ttl int) error {
+ level := syscall.IPPROTO_IP
+ name := syscall.IP_MINTTL
+ if strings.Contains(conn.RemoteAddr().String(), "[") {
+ level = syscall.IPPROTO_IPV6
+ name = IPV6_MINHOPCOUNT
+ }
+ return setTcpSockoptInt(conn, level, name, ttl)
}
func DialTCPTimeoutWithMD5Sig(host string, port int, localAddr, key string, msec int) (*net.TCPConn, error) {