25.1.1 System: Settings: Tunables - Incorrect default values

pfry · February 15, 2025, 06:57:53 PM

OPNsense 25.1.1-amd64. I didn't see this mentioned in a quick forum search.

Tunable			Type	Value	Default value	Description
net.inet.tcp.blackhole	runtime	default	0		Drop packets to closed TCP ports without returning a RST	  
net.inet.udp.blackhole	runtime	default	0		Do not send ICMP port unreachable message

Looking from a shell, these are not set to 0, nor would I expect them to be by default. Merely two examples - not comprehensive.

If you're trying to configure these and expect the defaults to be accurate, you may end up with extra or incorrect settings. Also, this makes me distrust the "reset to defaults" trash can.

(Aside: Edit: I thought there was a description error from FreeBSD, but it was just me.)

25.1.1 System: Settings: Tunables - Incorrect default values

pfry

February 15, 2025, 06:57:53 PM Last Edit: February 15, 2025, 07:12:28 PM by pfry Reason: Correction