Date: Mon, 19 Mar 2007 12:50:13 +0300 From: pluknet <pluknet@gmail.com> To: banshee <root@vault13.org> Cc: freebsd-current@freebsd.org Subject: Re: rc.conf: tcp_drop_synfin option Message-ID: <a31046fc0703190250g32278c31g44f62aaa1ed24e0d@mail.gmail.com> In-Reply-To: <20070318152101.GA70619@vault13.org> References: <20070318152101.GA70619@vault13.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi. On 18/03/07, banshee <root@vault13.org> wrote: > > Hello everyone! > > I have an tcp_drop_synfin="yes" option in my rc.conf, but it doesn't work correct. Here is the dmesg -a part: > > [...] > Additional routing options: > ignore ICMP redirect=3DYES > log ICMP redirect=3DYES > drop SYN+FIN packets=3DYES > sysctl: > unknown oid 'net.inet.tcp.drop_synfin' > [...] > > I've been thinking about making a patch for it (/etc/rc.d/routing, lines 22-127), but i just didn't find something in `sysctl -a` list that can be used. If this option removed, then may be the lines 124-125 in /etc/rc.d/routing should be changed (something as in attach)? I'm interested in making patch for it :-) Didn't you forget to add the TCP_DROP_SYNFIN option in your kernel config? > Best regards, banshee, vault13.org... pluknet
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a31046fc0703190250g32278c31g44f62aaa1ed24e0d>