summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2010-06-03 00:42:30 +0000
committerDavid S. Miller <davem@davemloft.net>2010-06-04 15:56:01 -0700
commit57f1553ee5d9f093660cc49098f494e17ed11668 (patch)
tree95387158da48c4dde7bb17477f87944c13e2456f
parentca739481662137b8f717bc21f16719cda3c33d6b (diff)
downloadlinux-57f1553ee5d9f093660cc49098f494e17ed11668.tar.gz
linux-57f1553ee5d9f093660cc49098f494e17ed11668.tar.bz2
linux-57f1553ee5d9f093660cc49098f494e17ed11668.zip
syncookies: remove Kconfig text line about disabled-by-default
syncookies default to on since e994b7c901ded7200b525a707c6da71f2cf6d4bb (tcp: Don't make syn cookies initial setting depend on CONFIG_SYSCTL). Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/Kconfig10
1 files changed, 5 insertions, 5 deletions
diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig
index 8e3a1fd938ab..7c3a7d191249 100644
--- a/net/ipv4/Kconfig
+++ b/net/ipv4/Kconfig
@@ -303,7 +303,7 @@ config ARPD
If unsure, say N.
config SYN_COOKIES
- bool "IP: TCP syncookie support (disabled per default)"
+ bool "IP: TCP syncookie support"
---help---
Normal TCP/IP networking is open to an attack known as "SYN
flooding". This denial-of-service attack prevents legitimate remote
@@ -328,13 +328,13 @@ config SYN_COOKIES
server is really overloaded. If this happens frequently better turn
them off.
- If you say Y here, note that SYN cookies aren't enabled by default;
- you can enable them by saying Y to "/proc file system support" and
+ If you say Y here, you can disable SYN cookies at run time by
+ saying Y to "/proc file system support" and
"Sysctl support" below and executing the command
- echo 1 >/proc/sys/net/ipv4/tcp_syncookies
+ echo 0 > /proc/sys/net/ipv4/tcp_syncookies
- at boot time after the /proc file system has been mounted.
+ after the /proc file system has been mounted.
If unsure, say N.