Displaying 3 results from an estimated 3 matches for "dyn_syn_lifetime".
Did you mean:
dyn_fin_lifetime
2003 May 30
1
Strange startup messages
...104 verbose_limit RW *Handler Int
105 dyn_buckets RW *Handler Int
106 curr_dyn_buckets R *Handler Int
107 dyn_count R *Handler Int
108 dyn_max RW *Handler Int
109 static_count R *Handler Int
110 dyn_ack_lifetime RW *Handler Int
111 dyn_syn_lifetime RW *Handler Int
112 dyn_fin_lifetime RW *Handler Int
113 dyn_rst_lifetime RW *Handler Int
114 dyn_udp_lifetime RW *Handler Int
115 dyn_short_lifetime RW *Handler Int
Bob Hall
2004 Feb 13
3
SYN Attacks - how i cant stop it
...kern.polling.user_frac=50>90 #remember kernel options
> net.xorp.polling=1
> net.xorp.poll_burst=10
> net.xorp.poll_in_trap=3
> (if you use dynamic rules in ipfw [stateful] you can tweak this)
> net.inet.ip.fw.dyn_ack_lifetime=200 #shorte timeout on connection
> net.inet.ip.fw.dyn_syn_lifetime=20
> net.inet.ip.fw.dyn_fin_lifetime=20
> net.inet.ip.fw.dyn_rst_lifetime=5
> net.inet.ip.fw.dyn_short_lifetime=10 #longer timeout for e.g. icmp
> net.inet.ip.fw.dyn_max=1500 #higher number of dynamic rules
> net.inet.ip.fw.dyn_count: #count of number of dynamic rules
>
> ipf...
2004 Feb 06
2
IPFIREWALL_DEFAULT_TO_ACCEPT becomes default to deny
Hey Guys,
today I upgraded to 4.8-RELEASE-p15. As usual I set IPFIREWALL to default
accept in my kernel config file.
Config & make weren't complaining so, installed the kernel, reboot and there
it was:
>IP packet filtering initialized, divert disabled, rule-based forwarding
enabled, default to deny, logging disabled
Another rebuild didn't work out so... I reviewed