Update documentation relating to sysctls in a post-syncache

world. Goodbye tcp.tcp_lq_overflow and tcp.strict_rfc1948, hello tcp.syncookies. MFC after: 3 days
2002-04-10 19:52:21 +00:00 · 2002-04-10 19:52:21 +00:00 · 102b06f844
commit 102b06f844
parent 989db74d57
1 changed files with 4 additions and 13 deletions
--- a/share/man/man4/tcp.4
+++ b/share/man/man4/tcp.4
@ -255,13 +255,6 @@ state.
 Flush packets in the
 .Tn TCP
 reassembly queue if the system is low on mbufs.
-.\"
-.\" This option should go away and become the default.
-.\"
-.It tcp.tcp_lq_overflow
-If a connection is dropped due to a listen queue overflow, delete the
-cloned route associated with the connection if it does not have any
-prior information.
 .It tcp.blackhole
 If enabled, disable sending of RST when a connection is attempted
 to a port where there is not a socket accepting connections.
@ -290,12 +283,10 @@ in the
 .It tcp.pcbcount
 Number of active process control blocks
 (read-only).
-.It tcp.strict_rfc1948
-Enable strict RFC 1948 (Defending Against Sequence Number Attacks)
-compliance.
-Setting this variable to a non-zero value will disable reseeding and
-will disable the use of randomized initial sequence numbers in favor
-of MD5-generated initial sequence numbers.
+.It tcp.syncookies
+Determines whether or not syn cookies should be generated for
+outbound syn-ack packets.  Syn cookies are a great help during
+syn flood attacks, and are enabled by default.
 .It tcp.isn_reseed_interval
 The interval (in seconds) specifying how often the secret data used in
 RFC 1948 initial sequence number calculations should be reseeded.