From: Jon.T.Erichsen@init.eudaemonia.net
Reply-To: init@eudaemonia.net
To: FreeBSD-gnats-submit@FreeBSD.ORG
Date: Sun, 31 Jan 1999 21:20:26 +0100 (CET)
Message-Id: <199901312020.VAA00403@init.eudaemonia.net>
Subject: conf/9845: Propose adding options to rc.conf and rc.network

>Number: 9845
>Category: conf
>Synopsis: Propose adding options to rc.conf and rc.network
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Jan 31 12:20:01 PST 1999
>Closed-Date:
>Last-Modified:
>Originator: Jon T. Erichsen
>Release: FreeBSD 3.0-RELEASE i386
>Organization: Mobilix
>Environment: FreeBSD 3.0-RELEASE i386
>Description:
I propose a change to rc.conf and rc.network which includes options for setting true the net.inet.(tcp|udp).log_in_vain kernel states.
Seeing as how my changes are included in rc.network, they will be executed before rc.d daemon startup scripts, and the kernel will pollute log files until the daemons become active. This might be a problem (?). I thought about using sleep, but decided against it.

My rc.conf diff inserts the new line under "Miscellaneous network options". It seemed the best place, seeing as how there is no "dedicated" security issue section.

My rc.network diff inserts the new line last in procedure network_pass2 (Additional network setup). It seemed logical.

3.0-RELEASE source diffs for your patching leisure included.
>How-To-Repeat:
N/A
>Fix:
- BEGIN rc.conf diff - 127a128,129 > tcp_log_in_vain="NO" # Set to YES to enable logging of unserviced TCP port connects > udp_log_in_vain="NO" # Set to YES to enable logging of unserviced UDP port connects - END rc.conf diff - - BEGIN rc.network diff - 233a234,244 > # Log unserviced TCP port connects > if [ "X${tcp_log_in_vain}" = X"YES" ]; then > echo -n ' tcp_log_in_vain'; \ > sysctl -w net.inet.tcp.log_in_vain=1 > /dev/null 2>&1 > fi > > # Log unserviced UDP port connects > if [ "X${udp_log_in_vain}" = X"YES" ]; then > echo -n ' udp_log_in_vain'; \ > sysctl -w net.inet.udp.log_in_vain=1 > /dev/null 2>&1 > fi - END rc.network diff -
>Release-Note:
>Audit-Trail:
>Unformatted:
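Review bot: In the rc.conf hunk (127a128,129), the comments on tcp_log_in_vain and udp_log_in_vain say only "Set to YES to enable logging" and never name the kernel settings they drive. Mention net.inet.tcp.log_in_vain and net.inet.udp.log_in_vain in the comments so an administrator can find the knob being changed. The comments should also say that "NO" leaves the running kernel value untouched, since the rc.network hunk acts only on "YES" and never writes 0.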
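Review bot: In the rc.network hunk (233a234,244), both branches echo ' tcp_log_in_vain' or ' udp_log_in_vain' before running sysctl and then send the command's stdout and stderr to /dev/null, so the boot output reports the option as enabled even when "sysctl -w" fails. Run sysctl first and echo the name only if it succeeds, or drop the "2>&1" so a failure is visible on the console. The test "X${tcp_log_in_vain}" = X"YES" is also case-sensitive, so a lowercase "yes" in rc.conf is silently ignored. As the submitter's description already notes, setting the knob at the end of network_pass2 precedes daemon startup, so connects to services that have not yet begun listening will be logged during boot; a comment at this spot saying so would save the next reader from chasing those log entries.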