kern/190102: [tcp] net.inet.tcp.drop_synfin=1 no longer works on FreeBSD 10 [regression]
Mark Felder
feld at freebsd.org
Thu May 29 12:30:01 UTC 2014
The following reply was made to PR kern/190102; it has been noted by GNATS.
From: Mark Felder <feld at freebsd.org>
To: bug-followup at FreeBSD.org
Cc:
Subject: Re: kern/190102: [tcp] net.inet.tcp.drop_synfin=1 no longer works on
FreeBSD 10 [regression]
Date: Thu, 29 May 2014 07:25:31 -0500
The test box in particular is using pf and does not have any scrub
statements in pf.conf. The dropping of SYN+FIN worked for us in 9.1 and
older just by setting net.inet.tcp.drop_synfin=1. We skipped 9.2 for the
most part, so I don't have any experience with its behavior in
production.
More information about the freebsd-net
mailing list