1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# This file is part of network. It is subject to the license terms in the COPYRIGHT file found in the top-level directory of this distribution and at https://raw.githubusercontent.com/lemonrock/network/master/COPYRIGHT. No part of network, including this file, may be copied, modified, propagated, or distributed except according to the terms contained in the COPYRIGHT file.
# Copyright © 2018 The developers of network. See the COPYRIGHT file in the top-level directory of this distribution and at https://raw.githubusercontent.com/lemonrock/network/master/COPYRIGHT.
[]
= "network-internet-protocol"
= "A domain model of internet protocol version 4 and version 6 host addresses, masks, network addresses and packets and associated types."
= ["network", "internet", "protocol", "packet", "ipv4"]
= ["data-structures", "network-programming"]
= "AGPL-3.0"
= ["Raphael Cohn <raphael.cohn@stormmq.com>"]
= "https://github.com/lemonrock/network"
= "https://github.com/lemonrock/network.git"
= ["*"]
= ["README.md", "LICENSE", "COPYRIGHT", "src/**/*.rs", "Cargo.toml", "rustfmt.toml", "clippy.toml"]
= "README.md"
= true
= "0.1.10"
[]
= "^0.3"
= "^0.7"
= { = "^0.1", = true }
= "^0.2"
= "0.1"
= { = "../network-check-sum", = "^0.1" }
= { = "../network-endian", = "^0.1" }
= { = "../network-ethernet", = "^0.1" }
= { = "../network-packet", = "^0.1" }
= { = "../network-time", = "^0.1" }
= "1.0"
= "1.0"
[]
= ["drop-packets-with-ipv4-options", "drop-packets-with-ipv4-options-lacking-zero-padding", "drop-ipv4-packets-with-do-not-fragment-and-non-zero-identification", "drop-ipv6-packets-with-non-zero-flow-label", "drop-ipv6-fragments-when-first-reserved-field-is-not-zero", "drop-ipv6-fragments-when-second-reserved-field-is-not-zero", "drop-overly-small-ipv6-fragments-aggresively"]
# Drops internet protocol (IP) version 4 packets with IP options.
#
# Enabled by default.
#
# Violates RFC 791 but IP options are very rarely used, the few that are used have potential to be used as attack vectors and none have any meaning to this library.
= []
# Drops internet protocol (IP) version 4 packets with IP options which do not have zero padding at the end of the options list.
#
# Enabled by default.
#
# This is a strictness check with a very minor impact on performance.
= []
# Drops internet protocol (IP) version 4 packets with the Do Not Fragment (DF) flag set and a non-zero (fragment) identification.
#
# Enabled by default.
#
# Violates RFC 6864 Section 4.1 paragraph 5 but there is no good reason to send IP packets with DF set and a non-zero (fragment) identification.
# In particular, the identification field in these cases can be used as a covert channel and to infer the number of devices behind a NAT proxy.
= []
# Drop internet protocol (IP) version 6 packets whose flow label is not zero.
#
# Enabled by default.
#
# There is no good reason to be receiving such packets for ICMP, TCP and UDP flows.
= []
# Drop internet protocol (IP) version 6 packets whose fragment extension header has a non-zero first reserved field (8-bits).
#
# Enabled by default.
#
# Violates RFC 8200 Section 4.5 but there is no good reason to be receiving such packets.
= []
# Drop internet protocol (IP) version 6 packets whose fragment extension header has a non-zero second reserved field (2-bits).
#
# Enabled by default.
#
# Violates RFC 8200 Section 4.5 but there is no good reason to be receiving such packets.
= []
# We always drop fragments smaller than they need to be (444 byte MSS).
# This setting drops fragments (except the last) smaller than that possible using a 1280 byte MSS.
#
# Enabled by default.
#
# Violates RFC 8200 Section 4.5 but there is no good reason to be receiving such packets.
= []