Date:      Sun, 31 Jan 1999 21:20:26 +0100 (CET)
From:      Jon.T.Erichsen@init.eudaemonia.net
To:        FreeBSD-gnats-submit@FreeBSD.ORG
Subject:   conf/9845: Propose adding options to rc.conf and rc.network
Message-ID:  <199901312020.VAA00403@init.eudaemonia.net>

>Number:         9845
>Category:       conf
>Synopsis:       Propose adding options to rc.conf and rc.network
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 31 12:20:01 PST 1999
>Closed-Date:
>Last-Modified:
>Originator:     Jon T. Erichsen
>Release:        FreeBSD 3.0-RELEASE i386
>Organization:
Mobilix
>Environment:

FreeBSD 3.0-RELEASE i386

>Description:

I propose a change to rc.conf and rc.network which includes options for setting true the net.inet.(tcp|udp).log_in_vain kernel states.

Seeing as how my changes are included in rc.network, they will be executed before rc.d daemon startup scripts, and the kernel will pollute log files until the daemons become active. This might be a problem (?). I thought about using sleep, but decided against it.

My rc.conf diff inserts the new line under "Miscellaneous network options". It seemed the best place, seeing as how there is no "dedicated" security issue section.
My rc.network diff inserts the new line last in procedure network_pass2 (Additional network setup). It seemed logical.

3.0-RELEASE source diffs for your patching leisure included.

>How-To-Repeat:

N/A

>Fix:

- BEGIN rc.conf diff -
127a128,129
> tcp_log_in_vain="NO"           # Set to YES to enable logging of unserviced TCP port connects
> udp_log_in_vain="NO"           # Set to YES to enable logging of unserviced UDP port connects
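Review bot: the comments on the two added rc.conf lines do not name the sysctl each knob controls, so a reader cannot tell that "YES" for tcp_log_in_vain or udp_log_in_vain maps to net.inet.tcp.log_in_vain=1 or net.inet.udp.log_in_vain=1 without opening rc.network. Suggest naming the sysctl in each comment. The patch also touches only rc.conf and rc.network, so the new variables are documented nowhere else; the rc.conf documentation should gain matching entries in the same change.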
- END rc.conf diff -

- BEGIN rc.network diff -
233a234,244
>     # Log unserviced TCP port connects
>     if [ "X${tcp_log_in_vain}" = X"YES" ]; then
>             echo -n ' tcp_log_in_vain'; \
>             sysctl -w net.inet.tcp.log_in_vain=1 > /dev/null 2>&1
>     fi
> 
>     # Log unserviced UDP port connects
>     if [ "X${udp_log_in_vain}" = X"YES" ]; then
>             echo -n ' udp_log_in_vain'; \
>             sysctl -w net.inet.udp.log_in_vain=1 > /dev/null 2>&1
>     fi
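Review bot: in both added blocks the echo runs before sysctl, and the sysctl output and errors are discarded with "> /dev/null 2>&1", so the boot message ' tcp_log_in_vain' or ' udp_log_in_vain' is printed even when the sysctl fails, and the failure leaves no trace. Suggest printing the name only on success, for example `sysctl -w net.inet.tcp.log_in_vain=1 > /dev/null 2>&1 && echo -n ' tcp_log_in_vain'`, or dropping the 2>&1 so errors reach the console. The `; \` continuation after each echo is unnecessary and can go. Note also that a value of "NO" leaves the sysctl untouched rather than setting it to 0, which is worth stating in the rc.conf comment if that is the intended behaviour.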
- END rc.network diff -
>Release-Note:
>Audit-Trail:
>Unformatted:
