Add network pass4 - after all local (/usr/local/etc/rc.d f.e.)
daemons started. Move log_in_vain option there. It is needed to avoid lot of connections to port 80 logged on production WWW server prior Apache started from /usr/local/etc/rc.d
This commit is contained in:
parent
3241be7550
commit
08221ae7d5
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=53314
@ -256,16 +256,6 @@ network_pass1() {
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${icmp_bmcastecho} in
|
||||
[Yy][Ee][Ss])
|
||||
echo -n ' broadcast ping responses=YES'
|
||||
@ -591,3 +581,19 @@ network_pass3() {
|
||||
echo '.'
|
||||
network_pass3_done=YES
|
||||
}
|
||||
|
||||
network_pass4() {
|
||||
echo -n 'Additional TCP options:'
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
echo '.'
|
||||
network_pass4_done=YES
|
||||
}
|
||||
|
4
etc/rc
4
etc/rc
@ -523,6 +523,10 @@ case ${local_startup} in
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ -n "${network_pass3_done}" ]; then
|
||||
network_pass4
|
||||
fi
|
||||
|
||||
# Raise kernel security level. This should be done only after `fsck' has
|
||||
# repaired local file systems if you want the securelevel to be greater than 1.
|
||||
#
|
||||
|
@ -256,16 +256,6 @@ network_pass1() {
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${icmp_bmcastecho} in
|
||||
[Yy][Ee][Ss])
|
||||
echo -n ' broadcast ping responses=YES'
|
||||
@ -591,3 +581,19 @@ network_pass3() {
|
||||
echo '.'
|
||||
network_pass3_done=YES
|
||||
}
|
||||
|
||||
network_pass4() {
|
||||
echo -n 'Additional TCP options:'
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
echo '.'
|
||||
network_pass4_done=YES
|
||||
}
|
||||
|
@ -256,16 +256,6 @@ network_pass1() {
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${icmp_bmcastecho} in
|
||||
[Yy][Ee][Ss])
|
||||
echo -n ' broadcast ping responses=YES'
|
||||
@ -591,3 +581,19 @@ network_pass3() {
|
||||
echo '.'
|
||||
network_pass3_done=YES
|
||||
}
|
||||
|
||||
network_pass4() {
|
||||
echo -n 'Additional TCP options:'
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
echo '.'
|
||||
network_pass4_done=YES
|
||||
}
|
||||
|
@ -256,16 +256,6 @@ network_pass1() {
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${icmp_bmcastecho} in
|
||||
[Yy][Ee][Ss])
|
||||
echo -n ' broadcast ping responses=YES'
|
||||
@ -591,3 +581,19 @@ network_pass3() {
|
||||
echo '.'
|
||||
network_pass3_done=YES
|
||||
}
|
||||
|
||||
network_pass4() {
|
||||
echo -n 'Additional TCP options:'
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
echo '.'
|
||||
network_pass4_done=YES
|
||||
}
|
||||
|
@ -256,16 +256,6 @@ network_pass1() {
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${icmp_bmcastecho} in
|
||||
[Yy][Ee][Ss])
|
||||
echo -n ' broadcast ping responses=YES'
|
||||
@ -591,3 +581,19 @@ network_pass3() {
|
||||
echo '.'
|
||||
network_pass3_done=YES
|
||||
}
|
||||
|
||||
network_pass4() {
|
||||
echo -n 'Additional TCP options:'
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
echo '.'
|
||||
network_pass4_done=YES
|
||||
}
|
||||
|
@ -256,16 +256,6 @@ network_pass1() {
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${icmp_bmcastecho} in
|
||||
[Yy][Ee][Ss])
|
||||
echo -n ' broadcast ping responses=YES'
|
||||
@ -591,3 +581,19 @@ network_pass3() {
|
||||
echo '.'
|
||||
network_pass3_done=YES
|
||||
}
|
||||
|
||||
network_pass4() {
|
||||
echo -n 'Additional TCP options:'
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
echo '.'
|
||||
network_pass4_done=YES
|
||||
}
|
||||
|
@ -256,16 +256,6 @@ network_pass1() {
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
case ${icmp_bmcastecho} in
|
||||
[Yy][Ee][Ss])
|
||||
echo -n ' broadcast ping responses=YES'
|
||||
@ -591,3 +581,19 @@ network_pass3() {
|
||||
echo '.'
|
||||
network_pass3_done=YES
|
||||
}
|
||||
|
||||
network_pass4() {
|
||||
echo -n 'Additional TCP options:'
|
||||
case ${log_in_vain} in
|
||||
[Nn][Oo] | '')
|
||||
;;
|
||||
*)
|
||||
echo -n ' log_in_vain=YES'
|
||||
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
|
||||
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
|
||||
;;
|
||||
esac
|
||||
|
||||
echo '.'
|
||||
network_pass4_done=YES
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user