rc.conf: tcp_drop_synfin option
pluknet
pluknet at gmail.com
Mon Mar 19 10:15:55 UTC 2007
Hi.
On 18/03/07, banshee <root at vault13.org> wrote:
>
> Hello everyone!
>
> I have an tcp_drop_synfin="yes" option in my rc.conf, but it doesn't work correct. Here is the dmesg -a part:
>
> [...]
> Additional routing options:
> ignore ICMP redirect=3DYES
> log ICMP redirect=3DYES
> drop SYN+FIN packets=3DYES
> sysctl:
> unknown oid 'net.inet.tcp.drop_synfin'
> [...]
>
> I've been thinking about making a patch for it (/etc/rc.d/routing, lines 22-127), but i just didn't find something in `sysctl -a` list that can be used. If this option removed, then may be the lines 124-125 in /etc/rc.d/routing should be changed (something as in attach)? I'm interested in making patch for it :-)
Didn't you forget to add the TCP_DROP_SYNFIN option in your kernel config?
> Best regards, banshee, vault13.org...
pluknet
More information about the freebsd-current
mailing list