firewall4: are the options tcp_syncookies, tcp_ecn, tcp_window_scaling, accept_redirects and accept_source_route used at all by the fw4
Florian Eckert
fe at dev.tdt.de
Wed Mar 12 08:55:14 PDT 2025
Hello Jo,
Hello Community
I have just gone through the options of the fw4 and wanted to
integrate the missing and useful ones into the LuCI [1]. I have
noticed, that the following boolean options are in the fw4 default
parser configuration section but they are not used anywhere else
in the fw4 source!
* tcp_syncookies [2]
* tcp_ecn [3]
* tcp_window_scaling [4]
* accept_redirects [5]
* accept_source_route [6]
I have only seen that the option 'tcp_syncookies' is set via
sysctl [7]. But this option is not configurable.
Can they all be deleted from the fw4 source or is anyone else
using these options in the system?
Some of this options are also available in fw3 since the initial
checkin of the source.
Are these perhaps artefacts from a bygone era?
Best regards
Florian
[1]
https://openwrt.org/docs/guide-user/firewall/firewall_configuration#options
[2]
https://git.openwrt.org/?p=project/firewall4.git;a=blob;f=root/usr/share/ucode/fw4.uc;hb=HEAD#l1962
[3]
https://git.openwrt.org/?p=project/firewall4.git;a=blob;f=root/usr/share/ucode/fw4.uc;hb=HEAD#l1963
[4]
https://git.openwrt.org/?p=project/firewall4.git;a=blob;f=root/usr/share/ucode/fw4.uc;hb=HEAD#l1964
[5]
https://git.openwrt.org/?p=project/firewall4.git;a=blob;f=root/usr/share/ucode/fw4.uc;hb=HEAD#l1966
[6]
https://git.openwrt.org/?p=project/firewall4.git;a=blob;f=root/usr/share/ucode/fw4.uc;hb=HEAD#l1967
[7]
https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=package/base-files/files/etc/sysctl.d/10-default.conf;hb=HEAD#l22
More information about the openwrt-devel
mailing list