From nobody Sun Aug 11 14:00:55 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhfSc3B17z5SsTY for ; Sun, 11 Aug 2024 14:01:04 +0000 (UTC) (envelope-from void@f-m.fm) Received: from fout8-smtp.messagingengine.com (fout8-smtp.messagingengine.com [103.168.172.151]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4WhfSb3RqZz579s for ; Sun, 11 Aug 2024 14:01:03 +0000 (UTC) (envelope-from void@f-m.fm) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=f-m.fm header.s=fm3 header.b=tpkcrmYJ; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=KUWEeSqf; dmarc=pass (policy=none) header.from=f-m.fm; spf=pass (mx1.freebsd.org: domain of void@f-m.fm designates 103.168.172.151 as permitted sender) smtp.mailfrom=void@f-m.fm Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailfout.nyi.internal (Postfix) with ESMTP id 0AFD9138FC92 for ; Sun, 11 Aug 2024 10:01:02 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Sun, 11 Aug 2024 10:01:02 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=f-m.fm; h=cc :content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm3; t=1723384862; x=1723471262; bh=DjX5UH6XU/ RHALiBbnikCX8HKcMRSl1mg7UHwHAr7YI=; b=tpkcrmYJildeu61w4PbOjK6DZo LgsaG577gRZndn+rHyZGJH7QselZl5VdEujrr1tt91+ct+Yr4JpV4quIiGQ90ssK dX7TThjOwbagpdQDv/ue8hjUlZyNBrUCMQTVqL80YO1TTN2zT6CwBBPugezw29++ QOGwaN1K7a6A9YcycU0hd8748Bx3MoWQsmHUGyCuQOrkbtCxYdIVnAVHmb3m40nf 82XbdLZqdjkVJPzFJW76yi+tCLkhETK8l34Sc94GHkIEyWT5l8nmcYDgHxytkZjt YpfkJQ/KhX+2S4jjAxHPzeSc03OVruB9Z+1nuqU9jksXx1dmyRsN3tLFJqOQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1723384862; x=1723471262; bh=DjX5UH6XU/RHALiBbnikCX8HKcMR Sl1mg7UHwHAr7YI=; b=KUWEeSqfMQqzFXhaa2ve7/JEThO7rCPDSP1TttZi6JQC V6FgnWAsLv9NhS2gi0fDiq2T4N/xmAZ10jgvar7qrtpgeLmHlmiv//n5ByF8IvjS EVG/+PJFKZjM6kb8Ch+5IJUqGd1Fsz3SYCx7vQ5Eq6LVOOUOljbxxXf0E+vzqTGC H94DGAmRfyHqJLeOUrbAB0rJPHh5mQ7QY+9HFSSz/Zk8wBsjxM2xZF+Te2fLA1He YbyMxVU/ASq3MqeeEW5ArEKHJr2H6zPFzpFfMrK6BHgvEdNUCxDh6u4VbDu/5/8y 71whJKr9XWggslAkljgq83jUTVQcn9U7TseSzrPo+A== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrleekgdejvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdpuffr tefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukf hfgggtuggjsehttdertddttddvnecuhfhrohhmpehvohhiugcuoehvohhiugesfhdqmhdr fhhmqeenucggtffrrghtthgvrhhnpeekleduvdelhfeileefgffghfffkedtheellefgud fgvdegkeejjedutdehhefgueenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhep mhgrihhlfhhrohhmpehvohhiugesfhdqmhdrfhhmpdhnsggprhgtphhtthhopedupdhmoh guvgepshhmthhpohhuthdprhgtphhtthhopehfrhgvvggsshguqdhnvghtsehfrhgvvggs shgurdhorhhg X-ME-Proxy: Feedback-ID: i2541463c:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Sun, 11 Aug 2024 10:01:01 -0400 (EDT) Date: Sun, 11 Aug 2024 15:00:55 +0100 From: void To: freebsd-net@freebsd.org Subject: Re: drop synfin Message-ID: References: List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.60 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; MID_RHS_NOT_FQDN(0.50)[]; DMARC_POLICY_ALLOW(-0.50)[f-m.fm,none]; R_DKIM_ALLOW(-0.20)[f-m.fm:s=fm3,messagingengine.com:s=fm3]; R_SPF_ALLOW(-0.20)[+ip4:103.168.172.128/27:c]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[103.168.172.151:from]; FREEMAIL_FROM(0.00)[f-m.fm]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_THREE(0.00)[3]; ARC_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; FROM_HAS_DN(0.00)[]; FREEMAIL_ENVFROM(0.00)[f-m.fm]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[f-m.fm:+,messagingengine.com:+]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; ASN(0.00)[asn:209242, ipnet:103.168.172.0/24, country:US]; RCVD_VIA_SMTP_AUTH(0.00)[]; MISSING_XM_UA(0.00)[]; DWL_DNSWL_NONE(0.00)[messagingengine.com:dkim] X-Rspamd-Queue-Id: 4WhfSb3RqZz579s Hi, thank you for your response On Sun, Aug 11, 2024 at 09:47:28AM -0400, Michael Sierchio wrote: >sysrc is for editing rc files, and that's not what you want to do. > >you may manually set the MIB with sysctl net.inet.tcp.drop_synfin=1 or you >can put this line in /etc/sysctl.conf > >net.inet.tcp.drop_synfin=1 Yes. The reason I'm asking is because I've found instructions to do one or the other. The sysctl method is what I'd prefer. in a similar case - there are instructions for LOG_IN_VAIN=YES for /etc/rc.conf but there are also the sysctls which can be set in /etc/sysctl.conf for net.inet.tcp.log_in_vain and net.inet.udp.log_in_vain I just wondered if having two methods is by design, as that way one can have one value for tcp and another for udp if one goes the sysctl route. I think LOG_IN_VAIN=YES sets both these MIBs to 1. --