# Do not send RSTs for packets to closed ports
net.inet.tcp.blackhole=2
# Do not send ICMP port unreach messages for closed ports
net.inet.udp.blackhole=1
# Generate random IP_ID's
net.inet.ip.random_id=1
# Breaks RFC1379, but nobody uses it anyway
net.inet.tcp.drop_synfin=1
net.inet.ip.redirect=0
kern.ipc.somaxconn=2048
net.inet.tcp.syncookies=1
net.inet.ip.fastforwarding=1
net.isr.enable=1
kern.maxfiles=16384
kern.maxfilesperproc=16384
net.inet.tcp.delayed_ack=0
net.inet.udp.maxdgram=57344
net.inet.tcp.sendspace=65536
net.inet.tcp.recvspace=65536
kern.ipc.maxsockbuf=262144
net.inet.tcp.rfc1323=1
kern.ipc.nmbclusters=32768