From nobody Mon Aug 12 19:21:07 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WjPWn6HBCz5Sy5r for ; Mon, 12 Aug 2024 19:21:25 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from udns.ultimatedns.net (udns.ultimatedns.net [24.113.41.81]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "ultimatedns.net", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WjPWm68s6z4Jjm for ; Mon, 12 Aug 2024 19:21:24 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ultimatedns.net header.s=mx99 header.b=P78k9C3t; spf=pass (mx1.freebsd.org: domain of bsd-lists@bsdforge.com designates 24.113.41.81 as permitted sender) smtp.mailfrom=bsd-lists@bsdforge.com Received: from ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.16.1/8.16.1) with ESMTP id 47CJL7RY008583; Mon, 12 Aug 2024 12:21:14 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ultimatedns.net; s=mx99; t=1723490474; x=1723491074; r=y; bh=2SAPxcLwKtIn89VZHWgAbv7K00FcWZprYv0Q55PnCfY=; h=Date:From:To:Cc:Subject:In-Reply-To:References; b=P78k9C3tNIN48QkQH/uh1QTULMC14OxcUglTCCzRXVS5Sh64Y876R+ywpdtdAofuH N/eUAUzIpI9CwfD5ACea58fM7tXoeV9EOCwqK1VTY7PCqI7IHuQmNzBLs1ts1IUNMF Bd9XqBQPeK0Y1GD7fFNhp2GXIyQU7ieC2q6Cgd/WvdjTu5gWANWxR4VYGyMlscg/XG xCxQw9+POMmlm2l2+j6XWVMgQVrrxGrdQjhOFzdKliSkoJzIFmwps+AqYLUIqiBvGa Gh0Z8j4I5wALVBUeMnT/myv+nZueq9JNvlyzEK3iXllmqD323l7MU/rzHFVNVScaZN QJpAdSCnDuzsA== List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 Date: Mon, 12 Aug 2024 12:21:07 -0700 From: Chris To: void Cc: freebsd-net@freebsd.org Subject: Re: drop synfin In-Reply-To: References: User-Agent: UDNSMS/17.0 Message-ID: X-Sender: bsd-lists@bsdforge.com Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Spamd-Bar: / X-Rspamd-Pre-Result: action=no action; module=multimap; Matched map: local_wl_ip X-Spamd-Result: default: False [-0.40 / 15.00]; R_DKIM_ALLOW(-0.20)[ultimatedns.net:s=mx99]; R_SPF_ALLOW(-0.20)[+ip4:24.113.41.81/29]; MIME_GOOD(-0.10)[text/plain]; ONCE_RECEIVED(0.10)[]; local_wl_ip(0.00)[24.113.41.81]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; MIME_TRACE(0.00)[0:+]; DKIM_TRACE(0.00)[ultimatedns.net:+]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:11404, ipnet:24.113.0.0/16, country:US]; FROM_HAS_DN(0.00)[]; FREEMAIL_TO(0.00)[f-m.fm] X-Rspamd-Queue-Id: 4WjPWm68s6z4Jjm On 2024-08-11 07:00, void wrote: > Hi, thank you for your response > > On Sun, Aug 11, 2024 at 09:47:28AM -0400, Michael Sierchio wrote: >> sysrc is for editing rc files, and that's not what you want to do. >> >> you may manually set the MIB with sysctl net.inet.tcp.drop_synfin=1 or you >> can put this line in /etc/sysctl.conf >> >> net.inet.tcp.drop_synfin=1 > > Yes. The reason I'm asking is because I've found instructions > to do one or the other. The sysctl method is what I'd prefer. > > in a similar case - there are instructions for LOG_IN_VAIN=YES > for /etc/rc.conf but there are also the sysctls which can be > set in /etc/sysctl.conf for net.inet.tcp.log_in_vain and > net.inet.udp.log_in_vain I've had the synfin, and log_in_vain knobs adjusted via sysctl.conf(5) for I think about a decade. The reason I use sysctl.conf is that it allows me to record the original value in a comment, should I ever need to review the settings in the future. > > I just wondered if having two methods is by design, as that way > one can have one value for tcp and another for udp if one goes > the sysctl route. > > I think LOG_IN_VAIN=YES sets both these MIBs to 1. --Chris