Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 18 Mar 2007 18:21:01 +0300
From:      banshee <root@vault13.org>
To:        freebsd-current@freebsd.org
Subject:   rc.conf: tcp_drop_synfin option
Message-ID:  <20070318152101.GA70619@vault13.org>
next in thread | raw e-mail | index | archive | help 

--WhfpMioaduB5tiZL
Content-Type: multipart/mixed; boundary="gBBFr7Ir9EOA20Yy"
Content-Disposition: inline


--gBBFr7Ir9EOA20Yy
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


	Hello everyone!

	I have an tcp_drop_synfin=3D"yes" option in my rc.conf, but it doesn't wor=
k correct. Here is the dmesg -a part:

        [...]
        Additional routing options:
         ignore ICMP redirect=3D3DYES
         log ICMP redirect=3D3DYES
         drop SYN+FIN packets=3D3DYES
        sysctl:
        unknown oid 'net.inet.tcp.drop_synfin'
        [...]

	I've been thinking about making a patch for it (/etc/rc.d/routing, lines 2=
2-127), but i just didn't find something in `sysctl -a` list that can be us=
ed. If this option removed, then may be the lines 124-125 in /etc/rc.d/rout=
ing should be changed (something as in attach)? I'm interested in making pa=
tch for it :-)

--=20

	Best regards, banshee, vault13.org...


--gBBFr7Ir9EOA20Yy
Content-Type: text/plain; charset=koi8-r
Content-Disposition: attachment; filename="routing.patch"
Content-Transfer-Encoding: quoted-printable

--- /etc/rc.d/routing	Sun May  7 08:00:26 2006
+++ rtpatch	Sun Mar 18 16:41:59 2007
@@ -121,8 +121,7 @@
=20
 	case ${tcp_drop_synfin} in
 	[Yy][Ee][Ss])
-		echo -n ' drop SYN+FIN packets=3DYES'
-		sysctl net.inet.tcp.drop_synfin=3D1 >/dev/null
+		echo -n ' drop SYN+FIN packets=3Dnot implemented'
 		;;
 	esac
=20

--gBBFr7Ir9EOA20Yy--

--WhfpMioaduB5tiZL
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQEVAwUBRf1Y1ZQivqHIHgXfAQGWqwf8C/idR94YklYTZAoAEDK+SQ4mCdnXysdb
Ioc7VWZa3QebSQX22d7vdNbRd2f4AdjWmHYJZPldUbyTq/uyoGD30z9LCboQCfF3
eDwdU1umn+3VAONZzF3uFJWTcZV+8Nv/d/StxhiURLJOg5IfE+h1nW3wwCf4LHR3
YEnOGps+o8R3PzfL+gkL5LrNsOTIvH7gmpkLudAwaz3acLY5Q592JrPaedpBrr7b
sHrhTfJ7/ydD242cqX6c+fLudl8pNGsIkV/QV3fwGSogENSZC5XZdJwP7qf+JdoS
TU0RioqxeXwBbZeESY0VQp86Q9AGnBS9N+0oW0pTdP7HSQ2hR9zMiA==
=UIqF
-----END PGP SIGNATURE-----

--WhfpMioaduB5tiZL--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070318152101.GA70619>