Proper Port Forwarding
nightrecon at hotmail.com
Thu Jun 7 17:15:02 UTC 2012
Michael Sierchio wrote:
> On Wed, Jun 6, 2012 at 11:31 AM, Simon <simon at optinet.com> wrote:
>> This easily causes DoS for when too many FIN_WAIT_2 are created and IPFW
>> stops forwarding using the rule above because of "too many dynamic rules"
> Change the defaults for the fw.dyn sysctl MIB nodes
> to something like
There is also this you can place in /etc/sysctl.conf:
I do this for my web servers. It helps reduce the volume somewhat of
FIN_WAIT_2 from building up by expiring them sooner.
More information about the freebsd-questions