FreeBSD Bugzilla – Attachment 215355 Details for
Bug 246951
carp(4): Active CARP member crashes: panic, trap_pfault, ip_input || ip_output when using ipSec, AES-NI (on Intel I350)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
sysctl tunables from pfSense config.xml
pfsense-config.xml-sysctlTunables.txt (text/plain), 4.37 KB, created by
freebsd-bugzilla
on 2020-06-08 11:04:09 UTC
(
hide
)
Description:
sysctl tunables from pfSense config.xml
Filename:
MIME Type:
Creator:
freebsd-bugzilla
Created:
2020-06-08 11:04:09 UTC
Size:
4.37 KB
patch
obsolete
><sysctl> > <item> > <descr><![CDATA[Disable the pf ftp proxy handler.]]></descr> > <tunable>debug.pfftpproxy</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Increase UFS read-ahead speeds to match current state of hard drives and NCQ. More information here: http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html]]></descr> > <tunable>vfs.read_max</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Set the ephemeral port range to be lower.]]></descr> > <tunable>net.inet.ip.portrange.first</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Drop packets to closed TCP ports without returning a RST]]></descr> > <tunable>net.inet.tcp.blackhole</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Do not send ICMP port unreachable messages for closed UDP ports]]></descr> > <tunable>net.inet.udp.blackhole</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Randomize the ID field in IP packets (default is 0: sequential IP IDs)]]></descr> > <tunable>net.inet.ip.random_id</tunable> > <value>default</value> > </item> > <item> > <tunable>net.inet.tcp.drop_synfin</tunable> > <value>default</value> > <descr><![CDATA[Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)]]></descr> > </item> > <item> > <descr><![CDATA[Enable sending IPv4 redirects]]></descr> > <tunable>net.inet.ip.redirect</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Enable sending IPv6 redirects]]></descr> > <tunable>net.inet6.ip6.redirect</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Generate SYN cookies for outbound SYN-ACK packets]]></descr> > <tunable>net.inet.tcp.syncookies</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (receive)]]></descr> > <tunable>net.inet.tcp.recvspace</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (send)]]></descr> > <tunable>net.inet.tcp.sendspace</tunable> > <value>default</value> > </item> > <item> > <tunable>net.inet.tcp.delayed_ack</tunable> > <value>default</value> > <descr><![CDATA[Do not delay ACK to try and piggyback it onto a data packet]]></descr> > </item> > <item> > <descr><![CDATA[Maximum outgoing UDP datagram size]]></descr> > <tunable>net.inet.udp.maxdgram</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Handling of non-IP packets which are not passed to pfil (see if_bridge(4))]]></descr> > <tunable>net.link.bridge.pfil_onlyip</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Set to 0 to disable filtering on the incoming and outgoing member interfaces.]]></descr> > <tunable>net.link.bridge.pfil_member</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Set to 1 to enable filtering on the bridge interface]]></descr> > <tunable>net.link.bridge.pfil_bridge</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Allow unprivileged access to tap(4) device nodes]]></descr> > <tunable>net.link.tap.user_open</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())]]></descr> > <tunable>kern.randompid</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Maximum size of the IP input queue]]></descr> > <tunable>net.inet.ip.intr_queue_maxlen</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Disable CTRL+ALT+Delete reboot from keyboard.]]></descr> > <tunable>hw.syscons.kbd_reboot</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Enable TCP Inflight mode]]></descr> > <tunable>net.inet.tcp.inflight.enable</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Enable TCP extended debugging]]></descr> > <tunable>net.inet.tcp.log_debug</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Set ICMP Limits]]></descr> > <tunable>net.inet.icmp.icmplim</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[TCP Offload Engine]]></descr> > <tunable>net.inet.tcp.tso</tunable> > <value>default</value> > </item> > <item> > <descr><![CDATA[Maximum socket buffer size]]></descr> > <tunable>kern.ipc.maxsockbuf</tunable> > <value>default</value> > </item> > </sysctl>
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 246951
:
215186
|
215217
|
215352
|
215353
|
215354
| 215355