Date: Fri, 21 Jan 2000 12:01:23 +0000 (GMT) From: Stephen Roome <steveroo@mothra.bri.hp.com> To: Gene Harris <zeus@tetronsoftware.com> Cc: matt <matt@ARPA.MAIL.NET>, FreeBSD-STABLE <stable@FreeBSD.ORG> Subject: Re: Restricting RST & Dropping SYN/FIN (was; stream.c) Message-ID: <Pine.HPX.4.10.10001211200441.27079-100000@mothra.bri.hp.com> In-Reply-To: <Pine.BSF.4.10.10001210037290.620-100000@tetron02.tetronsoftware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 21 Jan 2000, Gene Harris wrote: > Date: Fri, 21 Jan 2000 00:39:44 -0600 (CST) > From: Gene Harris <zeus@tetronsoftware.com> > To: matt <matt@ARPA.MAIL.NET> > Cc: FreeBSD-STABLE <stable@FreeBSD.ORG> > Subject: Re: Restricting RST & Dropping SYN/FIN (was; stream.c) > > On Fri, 21 Jan 2000, matt wrote: > > > > > curious.. on 3.4-stable, cvsupped Dec. 29 1999, defaults/rc.conf has; > > > > TCP_DROP_SYNFIN and TCP_RESTRICT_RST, which point to: > > > > sysctl net.inet.tcp.drop_synfin and net.inet.tcp.restrict_rst, However: > > > > root[w01]:~# sysctl -w net.inet.tcp.restrict_rst=1 > > sysctl: unknown oid 'net.inet.tcp.restrict_rst' > > root[w01]:~# sysctl -w net.inet.tcp.drop_synfin=1 > > sysctl: unknown oid 'net.inet.tcp.drop_synfin' > > > > I think you forgot to compile the options into your kernel. > > options TCP_DROP_SYNFIN > options TCP_RESTRICT_RST Maybe it's a stupid question, but should sysctl even report these variables if they are not available to be set ? Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.HPX.4.10.10001211200441.27079-100000>