# Do not send RSTs for packets to closed ports
net.inet.tcp.blackhole=2
# Do not send ICMP port unreach messages for closed ports
net.inet.udp.blackhole=1
# Generate random IP_ID's
net.inet.ip.random_id=1
# Breaks RFC1379, but nobody uses it anyway
net.inet.tcp.drop_synfin=1
net.inet.ip.redirect=0
net.inet.tcp.syncookies=1
net.inet.tcp.recvspace=65228
net.inet.tcp.sendspace=65228
# fastforwarding - see http://lists.freebsd.org/pipermail/freebsd-net/2004-January/002534.html
net.inet.ip.fastforwarding=1
net.inet.tcp.delayed_ack=0
net.inet.udp.maxdgram=57344
kern.rndtest.verbose=0
net.link.bridge.pfil_onlyip=0
net.link.tap.user_open=1