Date: Thu, 29 May 2014 12:30:00 GMT From: Mark Felder <feld@freebsd.org> To: freebsd-net@FreeBSD.org Subject: Re: kern/190102: [tcp] net.inet.tcp.drop_synfin=1 no longer works on FreeBSD 10 [regression] Message-ID: <201405291230.s4TCU0f9077757@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/190102; it has been noted by GNATS. From: Mark Felder <feld@freebsd.org> To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/190102: [tcp] net.inet.tcp.drop_synfin=1 no longer works on FreeBSD 10 [regression] Date: Thu, 29 May 2014 07:25:31 -0500 The test box in particular is using pf and does not have any scrub statements in pf.conf. The dropping of SYN+FIN worked for us in 9.1 and older just by setting net.inet.tcp.drop_synfin=1. We skipped 9.2 for the most part, so I don't have any experience with its behavior in production.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201405291230.s4TCU0f9077757>