Re: net.inet.tcp.tso=0

To: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Subject: Re: net.inet.tcp.tso=0
From: el kalin <kalin%el.net@localhost>
Date: Mon, 16 Mar 2015 15:57:48 -0400

ok so… it appears to me that ipf does't have an easy way to load files with a large number of subnets. in pf i can do:

table <blocked_zones> persist file "/etc/pf-files/blocked_zones"

and it will load a file with all the chinese ip ranges. and then i can block on  <blocked_zones>.  how do i do that in ipf?!

thanks

On Sat, Mar 14, 2015 at 7:14 AM, Manuel Bouyer <bouyer%antioche.eu.org@localhost> wrote:

On Fri, Mar 13, 2015 at 11:25:50PM -0400, el kalin wrote:
> it didn't work. this is what happened:
>
> # sysctl net.inet.tcp.tso=0
> sysctl: fourth level name 'tso' in 'net.inet.tcp.tso' is invalid

yes, this sysctl doesn't exist on netbsd.

>
> is there any firewall / packet filter that would work on the netbsd 6 ec2
> image? anyone?

ipf works and is compiled by default in the kernel.

--
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
NetBSD: 26 ans d'experience feront toujours la difference
--

Follow-Ups:
- Re: net.inet.tcp.tso=0
  - From: el kalin

References:
- net.inet.tcp.tso=0
  - From: el kalin
- Re: net.inet.tcp.tso=0
  - From: el kalin
- Re: net.inet.tcp.tso=0
  - From: el kalin
- Re: net.inet.tcp.tso=0
  - From: Manuel Bouyer

Prev by Date: Re: NPF syntax
Next by Date: Re: net.inet.tcp.tso=0
Previous by Thread: Re: net.inet.tcp.tso=0
Next by Thread: Re: net.inet.tcp.tso=0
Indexes:

Home | Main Index | Thread Index | Old Index