From jte@init.eudaemonia.net  Sun Jan 31 12:19:46 1999
Received: from init.eudaemonia.net (init.eudaemonia.net [195.78.67.171])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA15239
          for <FreeBSD-gnats-submit@freebsd.org>; Sun, 31 Jan 1999 12:19:44 -0800 (PST)
          (envelope-from jte@init.eudaemonia.net)
Received: (from jte@localhost)
	by init.eudaemonia.net (8.9.1/8.9.1) id VAA00403;
	Sun, 31 Jan 1999 21:20:26 +0100 (CET)
	(envelope-from jte)
Message-Id: <199901312020.VAA00403@init.eudaemonia.net>
Date: Sun, 31 Jan 1999 21:20:26 +0100 (CET)
From: Jon.T.Erichsen@init.eudaemonia.net
Reply-To: init@eudaemonia.net
To: FreeBSD-gnats-submit@freebsd.org
Subject: Propose adding options to rc.conf and rc.network
X-Send-Pr-Version: 3.2

>Number:         9845
>Category:       conf
>Synopsis:       Propose adding options to rc.conf and rc.network
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 31 12:20:01 PST 1999
>Closed-Date:    Tue Dec 21 08:30:33 PST 1999
>Last-Modified:  Tue Dec 21 08:31:01 PST 1999
>Originator:     Jon T. Erichsen
>Release:        FreeBSD 3.0-RELEASE i386
>Organization:
Mobilix
>Environment:

FreeBSD 3.0-RELEASE i386

>Description:

I propose a change to rc.conf and rc.network which includes options for setting true the net.inet.(tcp|udp).log_in_vain kernel states.

Seeing as how my changes are included in rc.network, they will be executed before rc.d daemon startup scripts, and the kernel will pollute log files until the daemons become active. This might be a problem (?). I thought about using sleep, but decided against it.

My rc.conf diff inserts the new line under "Miscellaneous network options". It seemed the best place, seeing as how there is no "dedicated" security issue section.
My rc.network diff inserts the new line last in procedure network_pass2 (Additional network setup). It seemed logical.

3.0-RELEASE source diffs for your patching leisure included.

>How-To-Repeat:

N/A

>Fix:

- BEGIN rc.conf diff -
127a128,129
> tcp_log_in_vain="NO"           # Set to YES to enable logging of unserviced TCP port connects
> udp_log_in_vain="NO"           # Set to YES to enable logging of unserviced UDP port connects
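Review bot: the comments on the two new knobs say what gets logged but not which setting they drive or what enabling them costs. Naming the sysctls (net.inet.tcp.log_in_vain and net.inet.udp.log_in_vain) and noting that each connect to an unserviced port yields a log entry would tell an administrator to expect log growth on a host that is being port-scanned. Both lines also run well past 80 columns; shortening the comments would let the defaults stay at "NO" on one readable line each.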
- END rc.conf diff -

- BEGIN rc.network diff -
233a234,244
>     # Log unserviced TCP port connects
>     if [ "X${tcp_log_in_vain}" = X"YES" ]; then
>             echo -n ' tcp_log_in_vain'; \
>             sysctl -w net.inet.tcp.log_in_vain=1 > /dev/null 2>&1
>     fi
> 
>     # Log unserviced UDP port connects
>     if [ "X${udp_log_in_vain}" = X"YES" ]; then
>             echo -n ' udp_log_in_vain'; \
>             sysctl -w net.inet.udp.log_in_vain=1 > /dev/null 2>&1
>     fi
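Review bot: in both if blocks the sysctl call discards its output with "> /dev/null 2>&1" after the knob name has already been echoed, so a sysctl that fails looks the same on the boot console as one that succeeded, and the administrator believes in-vain logging is on when it is not. Run sysctl first and echo the name only on success, or drop the "2>&1" so the error stays visible. The "; \" continuation after each echo is unnecessary inside the if body, and the test matches only the exact string YES, so a value such as "yes" in rc.conf silently leaves logging off; either document that or match case-insensitively.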
- END rc.network diff -
>Release-Note:
>Audit-Trail:

From: Johan Karlsson <Johan.Karlsson@sm.luth.se>
To: freebsd-gnats-submit@freebsd.org, init@eudaemonia.net,
	imp@freebsd.org
Cc:  
Subject: Re: conf/9845: Propose adding options to rc.conf and rc.network
Date: Fri, 23 Apr 1999 10:48:36 +0200

 This was fixed in 
 etc/rc.network rev 1.42  and
 etc/defaults/rc.conf rev 1.6 by imp
 
 Can someone please MFC and/or close this PR
 
 /Johan
 
 -- 
 Johan Karlsson              Phone : +46 (0)920 720 16 
 Systemteknik, Datalogi      Fax   : +46 (0)920 721 91 
 Luleå Tekniska Universitet  E-mail: Johan.Karlsson@SM.LuTH.SE
 S-971 87 LULEÅ, SWEDEN
 
State-Changed-From-To: open->closed 
State-Changed-By: phantom 
State-Changed-When: Tue Dec 21 08:30:33 PST 1999 
State-Changed-Why:  
Fixed by imp at 1999/03/28 
>Unformatted:
