Re: drop synfin

In reply to: void : "Re: drop synfin"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Patrick M. Hausen <hausen_at_punkt.de>
Date: Sun, 11 Aug 2024 14:15:49 UTC

Hi all,

> Am 11.08.2024 um 16:00 schrieb void <void@f-m.fm>:
> 
> Hi, thank you for your response
> 
> On Sun, Aug 11, 2024 at 09:47:28AM -0400, Michael Sierchio wrote:
>> sysrc is for editing rc files, and that's not what you want to do.
>> 
>> you may manually set the MIB with sysctl net.inet.tcp.drop_synfin=1 or you
>> can put this line in /etc/sysctl.conf
>> 
>> net.inet.tcp.drop_synfin=1
> 
> Yes. The reason I'm asking is because I've found instructions
> to do one or the other. The sysctl method is what I'd prefer.

using

	sysrc tcp_drop_synfin=YES

configures the system to perform a

	sysctl net.inet.tcp.drop_synfin=1

at every boot.

Simple as that.

Placing the sysctl line into /etc/sysctl.conf will achieve the same.

I don't know why there is an "official" rc.conf valure for this
particular sysctl and not for the gaziliion of other ones available.

Probably just like:

	sysrc gateway_enable=YES

vs.

	sysctl net.inet.ip.forwarding=1

Historical reasons :-)


Kind regards,
Patrick