-rw-r--r--templates/firewall/twa-hazards-protection/node.def20
1 files changed, 20 insertions, 0 deletions
diff --git a/templates/firewall/twa-hazards-protection/node.def b/templates/firewall/twa-hazards-protection/node.def
new file mode 100644
index 0000000..e06cbb5
--- /dev/null
+++ b/templates/firewall/twa-hazards-protection/node.def
@@ -0,0 +1,20 @@
+type: txt
+
+help: RFC1337 TCP TIME-WAIT assasination hazards protection
+
+val_help: enable; Enable RFC1337 TIME-WAIT hazards protection
+val_help: disable; Disable RFC1337 TIME-WAIT hazards protection
+
+default: "disable"
+
+syntax:expression: $VAR(@) in "enable", "disable"; "twa-hazards-protection must be enable or disable"
+
+update:
+ if [ x$VAR(@) == xenable ]; then
+ sudo sh -c "echo 1 > /proc/sys/net/ipv4/tcp_rfc1337"
+ else
+ sudo sh -c "echo 0 > /proc/sys/net/ipv4/tcp_rfc1337"
+ fi
+
+delete:
+ sudo sh -c "echo 0 > /proc/sys/net/ipv4/tcp_rfc1337"
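Review bot: The test `[ x$VAR(@) == xenable ]` in the `update:` action uses `==`, which is a bash extension to `[` and not POSIX. If these actions are ever run by a strict POSIX sh such as dash (the interpreter is not visible from this hunk), the test errors out and the `else` branch writes 0, so the protection would stay off while the configuration says `enable`. Use the portable, quoted form `if [ "x$VAR(@)" = "xenable" ]; then`. None of the `echo` writes to `/proc/sys/net/ipv4/tcp_rfc1337` is checked, so consider reading the value back or failing the commit when the write does not take effect. The `help:` string also misspells "assassination".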