# Do not send RSTs for packets to closed ports
net.inet.tcp.blackhole=2
# Do not send ICMP port unreach messages for closed ports
net.inet.udp.blackhole=1
# Generate randing IP_ID's
net.inet.ip.random_id=1
# Breaks RFC1379, but nobody uses it anyway
net.inet.tcp.drop_synfin=1