# Do not send RSTs for packets to closed ports net.inet.tcp.blackhole=2 # Do not send ICMP port unreach messages for closed ports net.inet.udp.blackhole=1 # Generate random IP_ID's net.inet.ip.random_id=1 # Breaks RFC1379, but nobody uses it anyway net.inet.tcp.drop_synfin=1 net.inet.ip.redirect=0 kern.ipc.somaxconn=2048 net.inet.tcp.syncookies=1 net.inet.tcp.recvspace=65228 net.inet.tcp.sendspace=65228 net.inet.ip.fastforwarding=1 net.isr.enable=1 kern.maxfiles=16384 kern.maxfilesperproc=16384 net.inet.tcp.delayed_ack=0 kern.ipc.maxsockbuf=2097152 net.inet.udp.maxdgram=57344