[LEDE-DEV] [PATCH] firewall3: Enable TCP_ECN by default.

Rosen Penev rosenp at gmail.com
Mon Oct 2 23:36:20 PDT 2017


This used to be the default back in 2008 and then reverted in 2009 when the setting was a boolean. Now that 2 is equivalent to 1 from that time, change it to 1. This also matches the default with many desktop Linux distributions.

v2: On further investigation, kernel 4.2 introduced tcp_ecn_fallback to deal with ECN failures. It also turns out that the kernel defaults to 2 for tcp_ecn and 1 for fallback. Bump up to 2 to match the kernel.

Signed-off-by: Rosen Penev <rosenp at gmail.com>
---
 defaults.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/defaults.c b/defaults.c
index 85a3750..68e40f5 100644
--- a/defaults.c
+++ b/defaults.c
@@ -90,6 +90,7 @@ fw3_load_defaults(struct fw3_state *state, struct uci_package *p)
 
 	defs->syn_flood_rate.rate  = 25;
 	defs->syn_flood_rate.burst = 50;
+	defs->tcp_ecn		   = 2;
 	defs->tcp_syncookies       = true;
 	defs->tcp_window_scaling   = true;
 	defs->custom_chains        = true;
-- 
2.13.6




More information about the Lede-dev mailing list