author | IWASE Yusuke <iwase.yusuke0@gmail.com> | 2017-06-21 09:04:28 +0900 |
---|---|---|
committer | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2017-06-23 18:13:19 +0900 |
commit | 613d8a1e9378bf13ffe98b72d6c2b8069c282003 (patch) | |
tree | 3722796ca016873de509c267e74ede89cf54012c /server/sockopt_bsd.go | |
parent | 5bb427a994989f97570ddfc7200a884e57e5530b (diff) |
server/sockopt: Support to set minimum TTL
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Diffstat (limited to 'server/sockopt_bsd.go')
-rw-r--r-- | server/sockopt_bsd.go | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/server/sockopt_bsd.go b/server/sockopt_bsd.go
index 62514edb..a9f9d61f 100644
--- a/server/sockopt_bsd.go
+++ b/server/sockopt_bsd.go
@@ -25,7 +25,8 @@ import (
 )
 
 const (
- TCP_MD5SIG = 0x10
+ TCP_MD5SIG = 0x10 // TCP MD5 Signature (RFC2385)
+ IPV6_MINHOPCOUNT = 73 // Generalized TTL Security Mechanism (RFC5082)
 )
 
 func SetTcpMD5SigSockopts(l *net.TCPListener, address string, key string) error {
@@ -49,13 +50,7 @@ func SetTcpMD5SigSockopts(l *net.TCPListener, address string, key string) error
 return nil
 }
 
-func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error {
- level := syscall.IPPROTO_IP
- name := syscall.IP_TTL
- if strings.Contains(conn.RemoteAddr().String(), "[") {
- level = syscall.IPPROTO_IPV6
- name = syscall.IPV6_UNICAST_HOPS
- }
+func setTcpSockoptInt(conn *net.TCPConn, level int, name int, value int) error {
 fi, err := conn.File()
 defer fi.Close()
 if err != nil {
@@ -64,7 +59,27 @@ func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error {
 if conn, err := net.FileConn(fi); err == nil {
 defer conn.Close()
 }
- return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(int(fi.Fd()), level, name, ttl))
+ return os.NewSyscallError("setsockopt", syscall.SetsockoptInt(int(fi.Fd()), level, name, value))
+}
+
+func SetTcpTTLSockopts(conn *net.TCPConn, ttl int) error {
+ level := syscall.IPPROTO_IP
+ name := syscall.IP_TTL
+ if strings.Contains(conn.RemoteAddr().String(), "[") {
+ level = syscall.IPPROTO_IPV6
+ name = syscall.IPV6_UNICAST_HOPS
+ }
+ return setTcpSockoptInt(conn, level, name, ttl)
+}
+
+func SetTcpMinTTLSockopts(conn *net.TCPConn, ttl int) error {
+ level := syscall.IPPROTO_IP
+ name := syscall.IP_MINTTL
+ if strings.Contains(conn.RemoteAddr().String(), "[") {
+ level = syscall.IPPROTO_IPV6
+ name = IPV6_MINHOPCOUNT
+ }
+ return setTcpSockoptInt(conn, level, name, ttl)
 }
 
 func DialTCPTimeoutWithMD5Sig(host string, port int, localAddr, key string, msec int) (*net.TCPConn, error) { |
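Review bot: `IPV6_MINHOPCOUNT = 73` in the const block is a hand-written option number rather than a constant taken from `syscall`, and nothing in the hunk ties it to a particular kernel's headers. 73 is the value Linux defines for this option; socket option numbers are per-OS, so on any build target of this file where 73 is undefined or means something else, the IPv6 branch of `SetTcpMinTTLSockopts` would either fail or set an unrelated option, and GTSM would not be enforced on those sessions. I would record the origin next to the value, e.g. `// value from <header path> on <OS list>; re-check for each build target`, and confirm that the file's build constraints (not visible here) limit it to those platforms.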
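Review bot: `defer fi.Close()` is registered before the `err` from `conn.File()` is checked in the new `setTcpSockoptInt` helper; the lines are carried over as context, but when `File()` fails `fi` is nil and the deferred call is harmless only because `(*os.File).Close` tolerates a nil receiver. Moving the defer below the `if err != nil` check would make the helper read correctly now that two exported setters depend on it. The helper also lacks a comment: `// setTcpSockoptInt sets an integer socket option through a duplicate of conn's descriptor obtained from conn.File().` would help, and the `net.FileConn(fi)` round trip that follows (presumably there to put the descriptor back into non-blocking mode) deserves a line saying so. The helper's body runs past the end of this hunk.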
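Review bot: `SetTcpMinTTLSockopts` is exported without a doc comment, and its `ttl` argument does not mean what it means in `SetTcpTTLSockopts`: here it is the lowest TTL or hop limit accepted on received packets (the receive half of GTSM, RFC 5082), there it is the value placed on outgoing packets. A comment such as `// SetTcpMinTTLSockopts sets the minimum TTL (IPv4) or hop limit (IPv6) a received packet on conn must carry; see RFC 5082.` would make the distinction explicit, and it should say that a non-nil error means the protection is not in place. The address-family test `strings.Contains(conn.RemoteAddr().String(), "[")` is now repeated in both setters; a small shared helper, for example one based on `conn.RemoteAddr().(*net.TCPAddr).IP.To4() == nil`, would keep the two from drifting apart.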