Project

General

Profile

« Previous | Next » 

Revision d0b461f5

Added by Scott Ullrich over 15 years ago

Add lookup table for sysctl tunable (sysctl.inc). Make config.xml values default to value 'default' Ticket #71

View differences:

conf.default/config.xml
8 8 
		<item>
9 9 
			<desc>Set the ephemeral port range to be lower.</desc>
10 10 
			<tunable>net.inet.ip.portrange.first</tunable>
11 
			<value>1024</value>
11 
			<value>default</value>
12 12 
		</item>
13 13 
		<item>
14 14 
			<desc>Drop packets to closed TCP ports without returning a RST</desc>
15 15 
			<tunable>net.inet.tcp.blackhole</tunable>
16 
			<value>2</value>
16 
			<value>default</value>
17 17 
		</item>
18 18 
		<item>
19 19 
			<desc>Do not send ICMP port unreachable messages for closed UDP ports</desc>
20 20 
			<tunable>net.inet.udp.blackhole</tunable>
21 
			<value>1</value>
21 
			<value>default</value>
22 22 
		</item>
23 23 
		<item>
24 24 
			<desc>Randomize the ID field in IP packets (default is 0: sequential IP IDs)</desc>
25 25 
			<tunable>net.inet.ip.random_id</tunable>
26 
			<value>1</value>
26 
			<value>default</value>
27 27 
		</item>
28 28 
		<item>
29 29 
			<desc>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</desc>
30 30 
			<tunable>net.inet.tcp.drop_synfin</tunable>
31 
			<value>1</value>
31 
			<value>default</value>
32 32 
		</item>
33 33 
		<item>
34 34 
			<desc>Enable sending IPv4 redirects</desc>
35 35 
			<tunable>net.inet.ip.redirect</tunable>
36 
			<value>1</value>
36 
			<value>default</value>
37 37 
		</item>
38 38 
		<item>
39 39 
			<desc>Enable sending IPv6 redirects</desc>
40 40 
			<tunable>net.inet6.ip6.redirect</tunable>
41 
			<value>1</value>
41 
			<value>default</value>
42 42 
		</item>
43 43 
		<item>
44 44 
			<desc>Generate SYN cookies for outbound SYN-ACK packets</desc>
45 45 
			<tunable>net.inet.tcp.syncookies</tunable>
46 
			<value>1</value>
46 
			<value>default</value>
47 47 
		</item>
48 48 
		<item>
49 49 
			<desc>Maximum incoming/outgoing TCP datagram size (receive)</desc>
50 50 
			<tunable>net.inet.tcp.recvspace</tunable>
51 
			<value>65228</value>
51 
			<value>default</value>
52 52 
		</item>
53 53 
		<item>
54 54 
			<desc>Maximum incoming/outgoing TCP datagram size (send)</desc>
55 55 
			<tunable>net.inet.tcp.sendspace</tunable>
56 
			<value>65228</value>
56 
			<value>default</value>
57 57 
		</item>
58 58 
		<item>
59 59 
			<desc>IP Fastforwarding</desc>
60 60 
			<tunable>net.inet.ip.fastforwarding</tunable>
61 
			<value>1</value>
61 
			<value>default</value>
62 62 
		</item>
63 63 
		<item>
64 64 
			<desc>Do not delay ACK to try and piggyback it onto a data packet</desc>
65 65 
			<tunable>net.inet.tcp.delayed_ack</tunable>
66 
			<value>0</value>
66 
			<value>default</value>
67 67 
		</item>
68 68 
		<item>
69 69 
			<desc>Maximum outgoing UDP datagram size</desc>
70 70 
			<tunable>net.inet.udp.maxdgram</tunable>
71 
			<value>57344</value>
71 
			<value>default</value>
72 72 
		</item>
73 73 
		<item>
74 74 
			<desc>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</desc>
75 75 
			<tunable>net.link.bridge.pfil_onlyip</tunable>
76 
			<value>0</value>
76 
			<value>default</value>
77 77 
		</item>
78 78 
		<item>
79 79 
		        <desc>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</desc>
80 80 
		        <tunable>net.link.bridge.pfil_member</tunable>
81 
		        <value>1</value>
81 
		        <value>default</value>
82 82 
		</item>
83 83 
		<item>
84 84 
		        <desc>Set to 1 to enable filtering on the bridge interface</desc>
85 85 
		        <tunable>net.link.bridge.pfil_bridge</tunable>
86 
		        <value>0</value>
86 
		        <value>default</value>
87 87 
		</item>
88 88 
		<item>
89 89 
			<desc>Allow unprivileged access to tap(4) device nodes</desc>
90 90 
			<tunable>net.link.tap.user_open</tunable>
91 
			<value>1</value>
91 
			<value>default</value>
92 92 
		</item>
93 93 
		<item>
94 94 
			<desc>Verbosity of the rndtest driver (0: do not display results on console)</desc>
95 95 
			<tunable>kern.rndtest.verbose</tunable>
96 
			<value>0</value>
96 
			<value>default</value>
97 97 
		</item>
98 98 
		<item>
99 99 
			<desc>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</desc>
100 100 
			<tunable>kern.randompid</tunable>
101 
			<value>347</value>
101 
			<value>default</value>
102 102 
		</item>
103 103 
		<item>
104 104 
			<desc>Maximum size of the IP input queue</desc>
105 105 
			<tunable>net.inet.ip.intr_queue_maxlen</tunable>
106 
			<value>1000</value>
106 
			<value>default</value>
107 107 
		</item>
108 108 
		<item>
109 109 
			<desc>Disable CTRL+ALT+Delete reboot from keyboard.</desc>
110 110 
			<tunable>hw.syscons.kbd_reboot</tunable>
111 
			<value>0</value>
111 
			<value>default</value>
112 112 
		</item>
113 113 
		<item>
114 114 
			<desc>Enable TCP Inflight mode</desc>
115 115 
			<tunable>net.inet.tcp.inflight.enable</tunable>
116 
			<value>1</value>
116 
			<value>default</value>
117 117 
		</item>
118 118 
		<item>
119 119 
			<desc>Enable TCP extended debugging</desc>
120 120 
			<tunable>net.inet.tcp.log_debug</tunable>
121 
			<value>0</value>
121 
			<value>default</value>
122 122 
		</item>
123 123 
		<item>
124 124 
			<desc>Set ICMP Limits</desc>
125 125 
			<tunable>net.inet.icmp.icmplim</tunable>
126 
			<value>750</value>
126 
			<value>default</value>
127 127 
		</item>
128 128 
		<item>
129 129 
			<desc>TCP Offload Engine</desc>
130 130 
			<tunable>net.inet.tcp.tso</tunable>
131 
			<value>0</value>
131 
			<value>default</value>
132 132 
		</item>
133 133 
		<item>
134 134 
			<desc>TCP Offload Engine - BCE</desc>
135 135 
			<tunable>hw.bce.tso_enable</tunable>
136 
			<value>0</value>
136 
			<value>default</value>
137 137 
		</item>
138 138 
	</sysctl>
139 139 
	<system>

Also available in: Unified diff