Custom kernel poll summary (was: Re: Reducing the need to
compile a custom kernel)
Freddie Cash
fjwcash at gmail.com
Fri Feb 17 15:14:23 UTC 2012
On Fri, Feb 17, 2012 at 3:21 AM, Alexander Leidinger
<Alexander at leidinger.net> wrote:
> Quoting Freddie Cash <fjwcash at gmail.com> (from Tue, 14 Feb 2012 08:26:54
> -0800):
>
>> On Tue, Feb 14, 2012 at 7:43 AM, Ian Smith <smithi at nimnet.asn.au> wrote:
>>>
>>> On Tue, 14 Feb 2012 2:37:55 +0100, Alexander Leidinger wrote:
>>> > 1 IPSTEALTH -> changes ipfw module only?
>>>
>>> I don't think this is specific to ipfw. From /sys/conf/NOTES:
>>>
>>> # IPSTEALTH enables code to support stealth forwarding (i.e., forwarding
>>> # packets without touching the TTL). This can be useful to hide
>>> firewalls
>>> # from traceroute and similar tools.
>>>
>>> But can it be disabled once added to kernel? It's no good as a default.
>>
>>
>> It's controllable via sysctl once it's compiled into the kernel. If
>> it's not compiled into the kernel, then the sysctl doesn't exist.
>
>
> Is it the following?
> net.inet.ip.stealth=0
Yeah, that's the one.
--
Freddie Cash
fjwcash at gmail.com
More information about the freebsd-stable
mailing list