info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
sysctl variable definitions
12 views
Skip to first unread message
Steve Clark
Jan 26, 2012, 10:49:48 AM1/26/12
to
Hi Darren,
Glad your back.
Is there any documentation that describes what the various sysctl setting do in
terms of effecting ipfilter. I have searched but have not been able to turn up
anything definitive.
fr_flags min 0 max 0xffffffff current 0
fr_active min 0 max 0 current 0
fr_control_forwarding min 0 max 0x1 current 0
fr_update_ipid min 0 max 0x1 current 0
fr_chksrc min 0 max 0x1 current 0
fr_minttl min 0 max 0x1 current 4
fr_icmpminfragmtu min 0 max 0x1 current 68
fr_pass min 0 max 0xffffffff current 134217730
fr_tcpidletimeout min 0x1 max 0x7fffffff current 86400
fr_tcpclosewait min 0x1 max 0x7fffffff current 480
fr_tcplastack min 0x1 max 0x7fffffff current 60
fr_tcptimeout min 0x1 max 0x7fffffff current 480
fr_tcpclosed min 0x1 max 0x7fffffff current 60
fr_tcphalfclosed min 0x1 max 0x7fffffff current 7200
fr_udptimeout min 0x1 max 0x7fffffff current 240
fr_udpacktimeout min 0x1 max 0x7fffffff current 24
fr_icmptimeout min 0x1 max 0x7fffffff current 120
fr_icmpacktimeout min 0x1 max 0x7fffffff current 12
fr_iptimeout min 0x1 max 0x7fffffff current 120
fr_statemax min 0x1 max 0x7fffffff current 10163
fr_statesize min 0x1 max 0x7fffffff current 14983
fr_state_lock min 0 max 0x1 current 0
fr_state_maxbucket min 0x1 max 0x7fffffff current 28
fr_state_maxbucket_reset min 0 max 0x1 current 1
ipstate_logging min 0 max 0x1 current 1
fr_nat_lock min 0 max 0x1 current 0
ipf_nattable_sz min 0x1 max 0x7fffffff current 16889
ipf_nattable_max min 0x1 max 0x7fffffff current 50000
ipf_natrules_sz min 0x1 max 0x7fffffff current 509
ipf_rdrrules_sz min 0x1 max 0x7fffffff current 509
ipf_hostmap_sz min 0x1 max 0x7fffffff current 8087
fr_nat_maxbucket min 0x1 max 0x7fffffff current 30
fr_nat_maxbucket_reset min 0 max 0x1 current 1
nat_logging min 0 max 0x1 current 1
fr_defnatage min 0x1 max 0x7fffffff current 1200
fr_defnatipage min 0x1 max 0x7fffffff current 120
fr_defnaticmpage min 0x1 max 0x7fffffff current 6
fr_nat_doflush min 0 max 0x1 current 0
ipf_proxy_debug min 0 max 0xa current 0
ipfr_size min 0x1 max 0x7fffffff current 257
fr_ipfrttl min 0x1 max 0x7fffffff current 120
ipl_suppress min 0 max 0x1 current 1
ipl_logmax min 0 max 0x7fffffff current 7
ipl_logall min 0 max 0x1 current 0
ipl_logsize min 0 max 0x80000 current 8192
ippr_ftp_debug min 0 max 0xa current 0
Glad your back.
Is there any documentation that describes what the various sysctl setting do in
terms of effecting ipfilter. I have searched but have not been able to turn up
anything definitive.
fr_flags min 0 max 0xffffffff current 0
fr_active min 0 max 0 current 0
fr_control_forwarding min 0 max 0x1 current 0
fr_update_ipid min 0 max 0x1 current 0
fr_chksrc min 0 max 0x1 current 0
fr_minttl min 0 max 0x1 current 4
fr_icmpminfragmtu min 0 max 0x1 current 68
fr_pass min 0 max 0xffffffff current 134217730
fr_tcpidletimeout min 0x1 max 0x7fffffff current 86400
fr_tcpclosewait min 0x1 max 0x7fffffff current 480
fr_tcplastack min 0x1 max 0x7fffffff current 60
fr_tcptimeout min 0x1 max 0x7fffffff current 480
fr_tcpclosed min 0x1 max 0x7fffffff current 60
fr_tcphalfclosed min 0x1 max 0x7fffffff current 7200
fr_udptimeout min 0x1 max 0x7fffffff current 240
fr_udpacktimeout min 0x1 max 0x7fffffff current 24
fr_icmptimeout min 0x1 max 0x7fffffff current 120
fr_icmpacktimeout min 0x1 max 0x7fffffff current 12
fr_iptimeout min 0x1 max 0x7fffffff current 120
fr_statemax min 0x1 max 0x7fffffff current 10163
fr_statesize min 0x1 max 0x7fffffff current 14983
fr_state_lock min 0 max 0x1 current 0
fr_state_maxbucket min 0x1 max 0x7fffffff current 28
fr_state_maxbucket_reset min 0 max 0x1 current 1
ipstate_logging min 0 max 0x1 current 1
fr_nat_lock min 0 max 0x1 current 0
ipf_nattable_sz min 0x1 max 0x7fffffff current 16889
ipf_nattable_max min 0x1 max 0x7fffffff current 50000
ipf_natrules_sz min 0x1 max 0x7fffffff current 509
ipf_rdrrules_sz min 0x1 max 0x7fffffff current 509
ipf_hostmap_sz min 0x1 max 0x7fffffff current 8087
fr_nat_maxbucket min 0x1 max 0x7fffffff current 30
fr_nat_maxbucket_reset min 0 max 0x1 current 1
nat_logging min 0 max 0x1 current 1
fr_defnatage min 0x1 max 0x7fffffff current 1200
fr_defnatipage min 0x1 max 0x7fffffff current 120
fr_defnaticmpage min 0x1 max 0x7fffffff current 6
fr_nat_doflush min 0 max 0x1 current 0
ipf_proxy_debug min 0 max 0xa current 0
ipfr_size min 0x1 max 0x7fffffff current 257
fr_ipfrttl min 0x1 max 0x7fffffff current 120
ipl_suppress min 0 max 0x1 current 1
ipl_logmax min 0 max 0x7fffffff current 7
ipl_logall min 0 max 0x1 current 0
ipl_logsize min 0 max 0x80000 current 8192
ippr_ftp_debug min 0 max 0xa current 0
--
Stephen Clark
NetWolves
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve...@netwolves.com
http://www.netwolves.com
Stephen Clark
NetWolves
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve...@netwolves.com
http://www.netwolves.com
0 new messages