diff options
| author | Bill Marquette <billm@pfsense.org> | 2005-02-26 07:07:49 +0000 |
|---|---|---|
| committer | Bill Marquette <billm@pfsense.org> | 2005-02-26 07:07:49 +0000 |
| commit | 471eea266594210fb28c86b0ef4dc93582140124 (patch) | |
| tree | ccf5ee05caa894ab7b6ce875c7d1db135aaa00d8 /etc | |
| parent | ec9715f5bc5c6862cbb4b886b10bcd49f119a4df (diff) | |
| download | pfsense-471eea266594210fb28c86b0ef4dc93582140124.zip pfsense-471eea266594210fb28c86b0ef4dc93582140124.tar.gz | |
Add comments now that we can strip comments :)
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/sysctl.conf | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/sysctl.conf b/etc/sysctl.conf index aa70de1..020c918 100644 --- a/etc/sysctl.conf +++ b/etc/sysctl.conf @@ -1,4 +1,8 @@ +# Do not send RSTs for packets to closed ports net.inet.tcp.blackhole=2 +# Do not send ICMP port unreach messages for closed ports net.inet.udp.blackhole=1 +# Generate randing IP_ID's net.inet.ip.random_id=1 +# Breaks RFC1379, but nobody uses it anyway net.inet.tcp.drop_synfin=1 |
