diff options
author | Florian Westphal <fw@strlen.de> | 2010-06-03 00:42:30 +0000 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2010-06-04 15:56:01 -0700 |
commit | 57f1553ee5d9f093660cc49098f494e17ed11668 (patch) | |
tree | 95387158da48c4dde7bb17477f87944c13e2456f /net | |
parent | ca739481662137b8f717bc21f16719cda3c33d6b (diff) | |
download | linux-57f1553ee5d9f093660cc49098f494e17ed11668.tar.bz2 |
syncookies: remove Kconfig text line about disabled-by-default
syncookies default to on since
e994b7c901ded7200b525a707c6da71f2cf6d4bb
(tcp: Don't make syn cookies initial setting depend on CONFIG_SYSCTL).
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/Kconfig | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig index 8e3a1fd938ab..7c3a7d191249 100644 --- a/net/ipv4/Kconfig +++ b/net/ipv4/Kconfig @@ -303,7 +303,7 @@ config ARPD If unsure, say N. config SYN_COOKIES - bool "IP: TCP syncookie support (disabled per default)" + bool "IP: TCP syncookie support" ---help--- Normal TCP/IP networking is open to an attack known as "SYN flooding". This denial-of-service attack prevents legitimate remote @@ -328,13 +328,13 @@ config SYN_COOKIES server is really overloaded. If this happens frequently better turn them off. - If you say Y here, note that SYN cookies aren't enabled by default; - you can enable them by saying Y to "/proc file system support" and + If you say Y here, you can disable SYN cookies at run time by + saying Y to "/proc file system support" and "Sysctl support" below and executing the command - echo 1 >/proc/sys/net/ipv4/tcp_syncookies + echo 0 > /proc/sys/net/ipv4/tcp_syncookies - at boot time after the /proc file system has been mounted. + after the /proc file system has been mounted. If unsure, say N. |