From owner-freebsd-stable  Thu Jan 20 22: 3:52 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from mail5.uunet.ca (mail5.uunet.ca [142.77.1.28])
	by hub.freebsd.org (Postfix) with ESMTP id 5A7A1151C0
	for <stable@FreeBSD.ORG>; Thu, 20 Jan 2000 22:03:49 -0800 (PST)
	(envelope-from matt@ARPA.MAIL.NET)
Received: from w01.arpa-canada.net ([216.95.146.6]) by mail5.uunet.ca with ESMTP id <232083-10708>; Fri, 21 Jan 2000 01:03:44 -0500
Date: Fri, 21 Jan 2000 01:03:41 -0500
From: matt <matt@ARPA.MAIL.NET>
X-Sender: matt@w01.arpa-canada.net
To: FreeBSD-STABLE <stable@FreeBSD.ORG>
Subject: Restricting RST & Dropping SYN/FIN (was; stream.c)
Message-ID: <Pine.BSF.4.21.0001210059470.5056-100000@w01.arpa-canada.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


curious.. on 3.4-stable, cvsupped Dec. 29 1999, defaults/rc.conf has;

TCP_DROP_SYNFIN and TCP_RESTRICT_RST, which point to:

sysctl net.inet.tcp.drop_synfin and net.inet.tcp.restrict_rst, However:

root[w01]:~# sysctl -w net.inet.tcp.restrict_rst=1
sysctl: unknown oid 'net.inet.tcp.restrict_rst'
root[w01]:~# sysctl -w net.inet.tcp.drop_synfin=1
sysctl: unknown oid 'net.inet.tcp.drop_synfin'

Is this not functional yet? Or does it require something that I'm missing
here? As I said, the machine is 3.4-STABLE as of Dec. 29 1999.

-Matt





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message