From owner-cvs-all  Thu Nov  5 09:56:19 1998
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA07617
          for cvs-all-outgoing; Thu, 5 Nov 1998 09:56:19 -0800 (PST)
          (envelope-from owner-cvs-all@FreeBSD.ORG)
Received: from ifi.uio.no (ifi.uio.no [129.240.64.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA07605
          for <cvs-committers@FreeBSD.ORG>; Thu, 5 Nov 1998 09:56:10 -0800 (PST)
          (envelope-from dag-erli@ifi.uio.no)
Received: from hrotti.ifi.uio.no (2602@hrotti.ifi.uio.no [129.240.64.15])
	by ifi.uio.no (8.8.8/8.8.7/ifi0.2) with ESMTP id SAA01648;
	Thu, 5 Nov 1998 18:54:54 +0100 (MET)
Received: (from dag-erli@localhost) by hrotti.ifi.uio.no ; Thu, 5 Nov 1998 18:54:51 +0100 (MET)
Mime-Version: 1.0
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Cc: Nate Williams <nate@mt.sri.com>, Don Lewis <Don.Lewis@tsc.tdk.com>,
        cvs-committers@FreeBSD.ORG
Subject: Re: cvs commit: src/usr.sbin/inetd inetd.c
References: <354.910287916@critter.freebsd.dk>
Organization: University of Oslo, Department of Informatics
X-url: http://www.stud.ifi.uio.no/~dag-erli/
X-other-addresses: 'finger dag-erli@ifi.uio.no' for a list
X-disclaimer-1: The views expressed in this article are mine alone, and do
X-disclaimer-2: not necessarily coincide with those of any organisation or
X-disclaimer-3: company with which I am or have been affiliated.
X-Stop-Spam: http://www.cauce.org/
From: dag-erli@ifi.uio.no (Dag-Erling C. =?iso-8859-1?Q?Sm=F8rgrav?= )
Date: 05 Nov 1998 18:54:51 +0100
In-Reply-To: Poul-Henning Kamp's message of "Thu, 05 Nov 1998 18:45:16 +0100"
Message-ID: <xzppvb2vxck.fsf@hrotti.ifi.uio.no>
Lines: 27
X-Mailer: Gnus v5.5/Emacs 19.34
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id JAB07613
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk

Poul-Henning Kamp <phk@critter.freebsd.dk> writes:
> In message <xzp67cuxdgj.fsf@hrotti.ifi.uio.no>, Dag-Erling C. =?iso-8859-1?Q?Sm
> =F8rgrav?= writes:
> >Poul-Henning Kamp <phk@critter.freebsd.dk> writes:
> >> Everybody who's concerned about security should run with
> >> 	 sysctl -w net.inet.tcp.log_in_vain=1
> >> even if behind a firewall.
> >...and exactly where is this variable documented?
> UTSL

I did:

$ glimpse -H /usr/src/ log_in_vain
/usr/src/sys/netinet/tcp_input.c: static int log_in_vain = 0;
/usr/src/sys/netinet/tcp_input.c: SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW,
/usr/src/sys/netinet/tcp_input.c:       &log_in_vain, 0, "");
/usr/src/sys/netinet/tcp_input.c:               if (log_in_vain && tiflags & TH_SYN) {
/usr/src/sys/netinet/udp_usrreq.c: static int log_in_vain = 0;
/usr/src/sys/netinet/udp_usrreq.c: SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW,
/usr/src/sys/netinet/udp_usrreq.c:      &log_in_vain, 0, "");
/usr/src/sys/netinet/udp_usrreq.c:              if (log_in_vain) {

As you can see, the sysctl doc strings are empty.

DES
-- 
Dag-Erling Smørgrav - dag-erli@ifi.uio.no

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message