diff options
| author | des <des@FreeBSD.org> | 2001-03-19 22:07:32 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2001-03-19 22:07:32 +0000 |
| commit | 097a9d6bae16257ca039fa6a77f1c9a2b8adbc26 (patch) | |
| tree | b237d1b327a05d1bbf33edfc981119f3994f77ef /share | |
| parent | d0f798c1511603114cebeb179c36e5b22f827f1b (diff) | |
| download | FreeBSD-src-097a9d6bae16257ca039fa6a77f1c9a2b8adbc26.zip FreeBSD-src-097a9d6bae16257ca039fa6a77f1c9a2b8adbc26.tar.gz | |
Axe TCP_RESTRICT_RST. It was never a particularly good idea except for a few
very specific scenarios, and now that we have had net.inet.tcp.blackhole for
quite some time there is really no reason to use it any more.
(second of three commits)
Diffstat (limited to 'share')
| -rw-r--r-- | share/man/man5/rc.conf.5 | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index 76ec46a..cc86830 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -470,14 +470,6 @@ This prevents OS fingerprinting, but may break some legitimate applications. This option is only available if the kernel was built with the TCP_DROP_SYNFIN option. -.It Ar tcp_restrict_rst -(bool) Set to -.Ar NO -by default. -Setting to YES will cause the kernel to refrain from emitting TCP RST frames -in response to invalid TCP packets (e.g. frames destined for closed ports). -This option is only available if the kernel was built with the -TCP_RESTRICT_RST option. .It Ar icmp_drop_redirect (bool) Set to .Ar NO |
