Date: Sat, 31 Jan 2004 07:32:36 -0600 From: "J.D. Bronson" <jbronson@lonebandit.com> To: freebsd-questions@freebsd.org Subject: tcp blackhole and ident Message-ID: <6.0.2.0.2.20040131072955.00b54ee8@cheyenne.wixb.com>
next in thread | raw e-mail | index | archive | help
I have a question. I setup the following in sysctl.conf: net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1 ..Well this works, but now I have a new issue. I run sendmail and as such, need to allow TCP 113 into this machine and yet get CONNECTION REFUSED. - I dont want to run IDENT, but need to still get the CONNECTION REFUSED... Currently (and as expected) the packets drop forever. Any ideas on how I can have the best of both worlds? In additon, what is the best security setting for: net.inet.tcp.icmp_may_rst=1 or 0 ? Thanks! -- J.D. Bronson - "LoneBandit" Aurora Health Care // Information Services // Milwaukee, WI USA Office: 414.978.8282 // Email: jd@aurora.org // Pager: 414.314.8282
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.2.0.2.20040131072955.00b54ee8>