commit 71651ea4aa507ee50865bd9584873e0c9a422c14
parent 8183640ada0ccef0c1f123a312b99c87269a1cae
Author: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 7 Apr 2015 16:36:05 +0200
Complain if net.inet.ip.random_id is not set on FreeBSD-based servers
Apparently a couple of operators haven't gotten the memos [0] yet
and it looks like FreeBSD's default value will not change any time
soon [1].
[0]:
https://lists.torproject.org/pipermail/tor-relays/2014-March/004199.html
https://lists.torproject.org/pipermail/tor-relays/2014-November/005687.html
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195828
[1]:
https://lists.freebsd.org/pipermail/freebsd-net/2015-April/041942.html
Diffstat:
1 file changed, 21 insertions(+), 0 deletions(-)
diff --git a/src/app/config/config.c b/src/app/config/config.c
@@ -157,6 +157,10 @@
#include "core/or/connection_st.h"
#include "core/or/port_cfg_st.h"
+#ifdef __FreeBSD__
+#include <sys/sysctl.h>
+#endif
+
#ifdef HAVE_SYSTEMD
# if defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__)
/* Systemd's use of gcc's __INCLUDE_LEVEL__ extension macro appears to confuse
@@ -3383,6 +3387,23 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (ContactInfo && !string_is_utf8(ContactInfo, strlen(ContactInfo)))
REJECT("ContactInfo config option must be UTF-8.");
+#ifdef __FreeBSD__
+ if (server_mode(options)) {
+ int random_id_state;
+ size_t state_size = sizeof(random_id_state);
+
+ if (sysctlbyname("net.inet.ip.random_id", &random_id_state,
+ &state_size, NULL, 0)) {
+ log_warn(LD_CONFIG,
+ "Failed to figure out if IP ids are randomized.");
+ } else if (random_id_state == 0) {
+ log_warn(LD_CONFIG, "Looks like IP ids are not randomized. "
+ "Please consider setting the net.inet.ip.random_id sysctl, "
+ "so your relay makes it harder to figure out how busy it is.");
+ }
+ }
+#endif
+
/* Special case on first boot if no Log options are given. */
if (!options->Logs && !options->RunAsDaemon && !from_setconf) {
if (quiet_level == 0)
