From owner-freebsd-bugs Thu Apr 20 19:50: 7 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 74A9B37BC6C for ; Thu, 20 Apr 2000 19:50:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id TAA12414; Thu, 20 Apr 2000 19:50:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from epsilon.lucida.qc.ca (epsilon.lucida.qc.ca [216.95.146.6]) by hub.freebsd.org (Postfix) with SMTP id BA1F037B7C1 for ; Thu, 20 Apr 2000 19:48:36 -0700 (PDT) (envelope-from matt@epsilon.lucida.qc.ca) Received: (qmail 73416 invoked by uid 1000); 21 Apr 2000 02:48:35 -0000 Message-Id: <20000421024835.73415.qmail@epsilon.lucida.qc.ca> Date: 21 Apr 2000 02:48:35 -0000 From: matt@arpa.mail.net Reply-To: matt@arpa.mail.net To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: conf/18124: small patch to defaults/rc.conf to prevent confusion. Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 18124 >Category: conf >Synopsis: defaults/rc.conf is unclear about tcp_drop_synfyn and tcp_restrict_rst >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Apr 20 19:50:01 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Matt Heckaman >Release: FreeBSD 4.0-STABLE i386 and FreeBSD 3.4-STABLE i386 >Organization: Lucida Communications >Environment: FreeBSD 4.0 and FreeBSD 3.4, as well as all others that support the options tcp_drop_synfyn and tcp_restrict_rst. >Description: To enable tcp_drop_synfyn and tcp_resrict_rst, you must have the options TCP_DROP_SYNFIN and TCP_RESTRICT_RST set in your kernel. Since I am not the only one who was confused about this matter, I felt it might be a good idea to submit a change request on the rc.conf file. >How-To-Repeat: N/A >Fix: This is a diff against 4.0-STABLE Apr 19, but the idea is the same across the entire board. --- rc.conf.orig Thu Apr 20 22:38:14 2000 +++ rc.conf Thu Apr 20 22:41:09 2000 @@ -14,6 +14,7 @@ # # All arguments must be in double or single quotes. # +# $FreeBSD$ # $FreeBSD: src/etc/defaults/rc.conf,v 1.53.2.3 2000/04/15 11:02:40 iwasaki Exp $ ############################################################## @@ -55,6 +56,9 @@ tcp_extensions="NO" # Set to YES to turn on RFC1323 extensions. log_in_vain="NO" # YES to log connects to ports w/o listeners. tcp_keepalive="YES" # Enable stale TCP connection timeout (or NO). +# +# For the following two options, you need to have TCP_DROP_SYNFIN and +# TCP_RESTRICT_RST set in your kernel. Please refer to LINT for details. tcp_drop_synfin="NO" # Set to YES to drop TCP packets with SYN+FIN # NOTE: this breaks rfc1644 extensions (T/TCP) tcp_restrict_rst="NO" # Set to YES to restrict emission of RST >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message