Custom kernel poll summary (was: Re: Reducing the need to
compile a custom kernel)
Alexander Leidinger
Alexander at Leidinger.net
Fri Feb 17 11:21:27 UTC 2012
Quoting Freddie Cash <fjwcash at gmail.com> (from Tue, 14 Feb 2012
08:26:54 -0800):
> On Tue, Feb 14, 2012 at 7:43 AM, Ian Smith <smithi at nimnet.asn.au> wrote:
>> On Tue, 14 Feb 2012 2:37:55 +0100, Alexander Leidinger wrote:
>> > 1 IPSTEALTH -> changes ipfw module only?
>>
>> I don't think this is specific to ipfw. From /sys/conf/NOTES:
>>
>> # IPSTEALTH enables code to support stealth forwarding (i.e., forwarding
>> # packets without touching the TTL). This can be useful to hide firewalls
>> # from traceroute and similar tools.
>>
>> But can it be disabled once added to kernel? It's no good as a default.
>
> It's controllable via sysctl once it's compiled into the kernel. If
> it's not compiled into the kernel, then the sysctl doesn't exist.
Is it the following?
net.inet.ip.stealth=0
Bye,
Alexander.
--
BOFH excuse #152:
My pony-tail hit the on/off switch on the power strip
http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
More information about the freebsd-stable
mailing list