Date: Fri, 17 Feb 2012 12:21:10 +0100 From: Alexander Leidinger <Alexander@Leidinger.net> To: Freddie Cash <fjwcash@gmail.com> Cc: freebsd-stable@freebsd.org Subject: Re: Custom kernel poll summary (was: Re: Reducing the need to compile a custom kernel) Message-ID: <20120217122110.Horde.6XSicpjmRSRPPjgmMlJAECA@webmail.leidinger.net> In-Reply-To: <CAOjFWZ6f5QtGY7pVVBgHj%2BxhSJ_QARKPaOjq=ZnfxVz4V-gDGQ@mail.gmail.com> References: <20120210145604.Horde.ewjpSpjmRSRPNSH0YRHxgAk@webmail.leidinger.net> <20120214123755.Horde.WkLNcJjmRSRPOkeTw7bUClA@webmail.leidinger.net> <20120215014738.O95093@sola.nimnet.asn.au> <CAOjFWZ6f5QtGY7pVVBgHj%2BxhSJ_QARKPaOjq=ZnfxVz4V-gDGQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting Freddie Cash <fjwcash@gmail.com> (from Tue, 14 Feb 2012 08:26:54 -0800): > On Tue, Feb 14, 2012 at 7:43 AM, Ian Smith <smithi@nimnet.asn.au> wrote: >> On Tue, 14 Feb 2012 2:37:55 +0100, Alexander Leidinger wrote: >> =C2=A0> 1 IPSTEALTH =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0-> changes ipfw module only? >> >> I don't think this is specific to ipfw. =C2=A0From /sys/conf/NOTES: >> >> # IPSTEALTH enables code to support stealth forwarding (i.e., forwarding >> # packets without touching the TTL). =C2=A0This can be useful to hide fi= rewalls >> # from traceroute and similar tools. >> >> But can it be disabled once added to kernel? =C2=A0It's no good as a def= ault. > > It's controllable via sysctl once it's compiled into the kernel. If > it's not compiled into the kernel, then the sysctl doesn't exist. Is it the following? net.inet.ip.stealth=3D0 Bye, Alexander. -- BOFH excuse #152: My pony-tail hit the on/off switch on the power strip http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID =3D B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID =3D 72077137
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120217122110.Horde.6XSicpjmRSRPPjgmMlJAECA>