Re: drop synfin

Hi, thank you for your response

On Sun, Aug 11, 2024 at 09:47:28AM -0400, Michael Sierchio wrote:
>sysrc is for editing rc files, and that's not what you want to do.
>
>you may manually set the MIB with sysctl net.inet.tcp.drop_synfin=1 or you
>can put this line in /etc/sysctl.conf
>
>net.inet.tcp.drop_synfin=1

Yes. The reason I'm asking is because I've found instructions
to do one or the other. The sysctl method is what I'd prefer.

in a similar case - there are instructions for LOG_IN_VAIN=YES
for /etc/rc.conf but there are also the sysctls which can be
set in /etc/sysctl.conf for net.inet.tcp.log_in_vain and
net.inet.udp.log_in_vain

I just wondered if having two methods is by design, as that way
one can have one value for tcp and another for udp if one goes
the sysctl route.

I think LOG_IN_VAIN=YES sets both these MIBs to 1.
--