Re: drop synfin

On 2024-08-11 07:00, void wrote:
> Hi, thank you for your response
> 
> On Sun, Aug 11, 2024 at 09:47:28AM -0400, Michael Sierchio wrote:
>> sysrc is for editing rc files, and that's not what you want to do.
>> 
>> you may manually set the MIB with sysctl net.inet.tcp.drop_synfin=1 or you
>> can put this line in /etc/sysctl.conf
>> 
>> net.inet.tcp.drop_synfin=1
> 
> Yes. The reason I'm asking is because I've found instructions
> to do one or the other. The sysctl method is what I'd prefer.
> 
> in a similar case - there are instructions for LOG_IN_VAIN=YES
> for /etc/rc.conf but there are also the sysctls which can be
> set in /etc/sysctl.conf for net.inet.tcp.log_in_vain and
> net.inet.udp.log_in_vain
I've had the synfin, and log_in_vain knobs adjusted via sysctl.conf(5)
for I think about a decade. The reason I use sysctl.conf is that it
allows me to record the original value in a comment, should I ever
need to review the settings in the future.

> 
> I just wondered if having two methods is by design, as that way
> one can have one value for tcp and another for udp if one goes
> the sysctl route.
> 
> I think LOG_IN_VAIN=YES sets both these MIBs to 1.

--Chris