From owner-freebsd-questions@FreeBSD.ORG  Tue Nov 25 06:55:02 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9E62716A4CE
	for <freebsd-questions@freebsd.org>;
	Tue, 25 Nov 2003 06:55:02 -0800 (PST)
Received: from cultdeadsheep.org (charon.cultdeadsheep.org [80.65.226.72])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 44DDA43FB1
	for <freebsd-questions@freebsd.org>;
	Tue, 25 Nov 2003 06:54:59 -0800 (PST)
	(envelope-from sheepkiller@cultdeadsheep.org)
Received: (qmail 80035 invoked by uid 85); 25 Nov 2003 15:54:57 +0100
Received: from sheepkiller@cultdeadsheep.org by goofy.cultdeadsheep.org by uid
	82 with qmail-scanner-1.20rc2  ( Clear:RC:1:. 
	Processed in 0.370574 secs); 25 Nov 2003 14:54:57 -0000
Received: from unknown (HELO persephone.cultdeadsheep.org) (192.168.0.8)
  by goofy.cultdeadsheep.org with SMTP; 25 Nov 2003 15:54:55 +0100
Received: (qmail 19033 invoked from network); 25 Nov 2003 15:54:42 +0100
Received: from unknown (HELO lucifer.cultdeadsheep.org) (192.168.0.2)
	by persephone.cultdeadsheep.org with DES-CBC3-SHA encrypted SMTP;
	25 Nov 2003 15:54:42 +0100
Date: Tue, 25 Nov 2003 15:55:11 +0100
From: Clement Laforet <sheepkiller@cultdeadsheep.org>
To: "Vahric MUHTARYAN" <vahric@doruk.net.tr>
Message-Id: <20031125155511.170cf7d0.sheepkiller@cultdeadsheep.org>
In-Reply-To: <007401c3b362$b6e984f0$110d3ad4@VAHOXP>
References: <007401c3b362$b6e984f0$110d3ad4@VAHOXP>
Organization: tH3 cUlt 0f tH3 d3@d sH33p
X-Mailer: Sylpheed version 0.9.7 (GTK+ 1.2.10; i386-portbld-freebsd5.1)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
cc: freebsd-ipfw@freebsd.org
cc: freebsd-questions@freebsd.org
Subject: Re: ICMP_BANDLIM and TCP_DROP_SYNFIN ?!
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Nov 2003 14:55:02 -0000

On Tue, 25 Nov 2003 16:45:05 +0200
"Vahric MUHTARYAN" <vahric@doruk.net.tr> wrote:

> Hi Everybody 
> 
> 	I red ipfw documents and I saw that "TCP_DROP_SYNFIN is not
> recommended for web server" no any explanation about it ?! Do you have
> any idea for why ?! 

http://docs.freebsd.org/cgi/getmsg.cgi?fetch=20365+0+archive/2001/freebsd-security/20011223.freebsd-security

clem