
This link of freebsdblog.org suggests a configuration option for FreeBSD that tells the system to drop all packages arriving from the network to a closed port, thus somewhat securing your system and also saving some upload bandwidth as well as CPU time. These are the shell commands to run:

sysctl net.inet.tcp.blackhole=2
sysctl net.inet.udp.blackhole=1

and you should also insert this into the /etc/sysctl.conf file so the settings survive a server reboot:

net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1

That's cool so far, but my Fedora Linux box keeps saying

error: "net.inet.tcp.blackhole" is an unknown key

The quoted parameter names are not listed under /proc/sys, and not returned by sysctl -a.

I found no reference to this problem online. Am I missing something? Do these parameter names differ under Fedora? Do I need some additional package to have this functionality?

Any help is greatly appreciated.

masegaloeh
Mark Szente

1 Answer


You do realise that Fedora isn't FreeBSD, don't you? To do something similar to this in a Linux distribution, just set the policy on your firewall to be DROP.

womble
  • Yup I do realize. I just thought the same solution could as well exist in both cases. Anyway, thanks very much for the solution! – Mark Szente Oct 28 '09 at 16:54
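
The answer's suggestion as an added example, not part of the original thread: a script that generates an iptables-restore ruleset with a DROP policy on INPUT, and checks a saved ruleset for replies that would defeat the blackhole effect. The ports 22 and 80, the function names and the sample ruleset are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original thread. Ports and names are assumptions.

# Print an iptables-restore ruleset with INPUT policy DROP, so packets to
# closed ports are discarded with no TCP RST and no ICMP port-unreachable.
# Arguments: TCP ports of the services that must stay reachable.
emit_ruleset() {
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2; return 1
        fi
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Loopback and replies to connections this host opened must still pass.
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    echo 'COMMIT'
}

# Read iptables-save output on stdin; succeed only if INPUT drops silently:
# policy DROP and no REJECT rule in the chain (REJECT answers the sender).
is_blackholed() {
    awk '
        $1 == ":INPUT" { policy = $2 }
        $1 == "-A" && $2 == "INPUT" && /-j REJECT/ { reject = 1 }
        END { exit !(policy == "DROP" && !reject) }
    '
}

# Constructed sample: policy ACCEPT with a trailing REJECT rule.
sample_reject='*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

emit_ruleset 22 80    # print the ruleset for review before applying it
printf '%s\n' "$sample_reject" | is_blackholed || echo 'sample still answers closed ports'
emit_ruleset 22 80 | is_blackholed && echo 'generated ruleset drops silently'
# To apply (as root): emit_ruleset 22 80 | iptables-restore
```

When applying this over a remote session, include the SSH port in the argument list, otherwise the DROP policy cuts off new logins.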