From owner-freebsd-current@FreeBSD.ORG  Mon Mar 19 10:15:55 2007
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: freebsd-current@freebsd.org
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 05ABE16A407
	for <freebsd-current@freebsd.org>; Mon, 19 Mar 2007 10:15:55 +0000 (UTC)
	(envelope-from pluknet@gmail.com)
Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.245])
	by mx1.freebsd.org (Postfix) with ESMTP id B963D13C48A
	for <freebsd-current@freebsd.org>; Mon, 19 Mar 2007 10:15:54 +0000 (UTC)
	(envelope-from pluknet@gmail.com)
Received: by an-out-0708.google.com with SMTP id c24so1136042ana
	for <freebsd-current@freebsd.org>; Mon, 19 Mar 2007 03:15:54 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta;
	h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=H/L5E4/zhN9b99YOakneeRMmxLu92v8WwxgsAut+hzUcqkLC6hxt1d7nluIHydscTQDKAmhxBazckPFHg4RZnVTtOJAFG1Btf/CzgzijDTSLx3yO2neYsd1BRf7aSlm8amVtFf3vv95JLxUou2qzGL7vzSvh+bIvQqT7y1HE+6c=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=K+NZUGpZH7MEIW7UlDUJeMHgGCjxGpRAnTOUDJzgy9e8pcV34VgL1zyO3LXQkDTnJ1Ngt4nMTgkyD+Sw1hl8GToRY2qu/s26AiIcjWUDrliJ2/y0fOu7IjGXjATj5UetkMmiTt810xFZL/BU7pmsrRuV879YkGCKMCnuye0jbhE=
Received: by 10.100.190.8 with SMTP id n8mr3424767anf.1174297813139;
	Mon, 19 Mar 2007 02:50:13 -0700 (PDT)
Received: by 10.100.9.7 with HTTP; Mon, 19 Mar 2007 02:50:13 -0700 (PDT)
Message-ID: <a31046fc0703190250g32278c31g44f62aaa1ed24e0d@mail.gmail.com>
Date: Mon, 19 Mar 2007 12:50:13 +0300
From: pluknet <pluknet@gmail.com>
To: banshee <root@vault13.org>
In-Reply-To: <20070318152101.GA70619@vault13.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <20070318152101.GA70619@vault13.org>
Cc: freebsd-current@freebsd.org
Subject: Re: rc.conf: tcp_drop_synfin option
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Mar 2007 10:15:55 -0000

Hi.

On 18/03/07, banshee <root@vault13.org> wrote:
>
>         Hello everyone!
>
>         I have an tcp_drop_synfin="yes" option in my rc.conf, but it doesn't work correct. Here is the dmesg -a part:
>
>         [...]
>         Additional routing options:
>          ignore ICMP redirect=3DYES
>          log ICMP redirect=3DYES
>          drop SYN+FIN packets=3DYES
>         sysctl:
>         unknown oid 'net.inet.tcp.drop_synfin'
>         [...]
>
>         I've been thinking about making a patch for it (/etc/rc.d/routing, lines 22-127), but i just didn't find something in `sysctl -a` list that can be used. If this option removed, then may be the lines 124-125 in /etc/rc.d/routing should be changed (something as in attach)? I'm interested in making patch for it :-)

Didn't you forget to add the TCP_DROP_SYNFIN option in your kernel config?

>         Best regards, banshee, vault13.org...

pluknet