
Re: (OT kinda) Newly-discovered TCP flaw



On Friday 12 August 2016 04:58:06 Curt wrote:

> On 2016-08-11, Bob Weber <bobrweber@gmail.com> wrote:
> > The way to do it is to put the line:
> >
> > net.ipv4.tcp_challenge_ack_limit = 999999999
> >
> > in a file in the /etc/sysctl.d directory named xxx.conf (replace xxx
> > with your preferred name).
> >
> > Then run "sysctl -p xxx.conf" and the new value is installed in the
> > kernel tree.  My system had a value of 100 before I changed it.  At
> > boot the file will be read so the new value will be used then also.
>
> Yes, I have a README.sysctl file in the /etc/sysctl.d directory that
> explains the process as you do (with certain precisions).
>
> Simply using the command 'net.ipv4.tcp_challenge_ack_limit =
> 999999999' as root sets the value, but does not survive a reboot.
> Running 'sysctl -p' with no argument after having issued the above
> command does nothing but reread '/etc/sysctl.conf' (and gives no
> output). 'sysctl -p xxx.conf' echoes the new value in xxx.conf.
>
> > ...Bob

And if this has been installed into the /etc/sysctl.conf file, what will 
it be set to after a reboot?

I interpret the words "at run time" in that README to mean a 
reboot.  And I do not see an exception in that README that should muddy 
that meaning.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
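
An added example, not part of the original thread: a shell check that resolves which value a sysctl key would get from the configuration files at boot and compares it with the value currently in the kernel. It assumes a simplified load order (only /etc/sysctl.d/*.conf in lexical order, then /etc/sysctl.conf, last assignment wins); the function names and the root-prefix argument are hypothetical, and the sample tree in demo() is constructed.

```shell
#!/bin/sh
# Added example. Assumption: only <root>/etc/sysctl.d/*.conf (lexical order)
# and then <root>/etc/sysctl.conf are read; the last assignment wins.

# boot_value ROOT KEY -> value the config files would assign at boot ("" if none)
boot_value() {
    root=$1; key=$2; value=
    for f in "$root"/etc/sysctl.d/*.conf "$root"/etc/sysctl.conf; do
        [ -f "$f" ] || continue
        # Skip comment lines (# or ;), accept "key = value" and key/with/slashes.
        v=$(awk -F= -v k="$key" '
            /^[ \t]*[#;]/ { next }
            { name = $1; gsub(/[ \t]/, "", name); gsub(/\//, ".", name)
              if (name == k) { val = $2; gsub(/^[ \t]+|[ \t]+$/, "", val); hit = val } }
            END { if (hit != "") print hit }' "$f")
        if [ -n "$v" ]; then value=$v; fi
    done
    printf '%s\n' "$value"
}

# runtime_value ROOT KEY -> value currently exposed under <root>/proc/sys
runtime_value() {
    path=$(printf '%s' "$2" | tr . /)
    cat "$1/proc/sys/$path" 2>/dev/null || true
}

# check_key ROOT KEY -> not-persisted | consistent | drift
check_key() {
    boot=$(boot_value "$1" "$2")
    run=$(runtime_value "$1" "$2")
    if [ -z "$boot" ]; then echo "not-persisted"
    elif [ "$boot" = "$run" ]; then echo "consistent"
    else echo "drift"
    fi
}

# Constructed sample: the file from the thread is written but not yet loaded,
# so the kernel still holds the earlier value of 100.
demo() {
    demo_root=$(mktemp -d)
    mkdir -p "$demo_root/etc/sysctl.d" "$demo_root/proc/sys/net/ipv4"
    echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' > "$demo_root/etc/sysctl.d/xxx.conf"
    echo 100 > "$demo_root/proc/sys/net/ipv4/tcp_challenge_ack_limit"
    check_key "$demo_root" net.ipv4.tcp_challenge_ack_limit
    rm -rf "$demo_root"
}

# On a live system: check_key "" net.ipv4.tcp_challenge_ack_limit
```

"drift" means the files and the running kernel disagree, so the value will change at the next boot or the next reload of the files; "not-persisted" means no file sets the key at all.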

