[LEDE-DEV] [PATCH] firewall3: Enable TCP_ECN by default.
rosenp at gmail.com
Mon Oct 2 23:36:20 PDT 2017
This used to be the default back in 2008 and then reverted in 2009 when the setting was a boolean. Now that 2 is equivalent to 1 from that time, change it to 1. This also matches the default with many desktop Linux distributions.
v2: On further investigation, kernel 4.2 introduced tcp_ecn_fallback to deal with ECN failures. It also turns out that the kernel defaults to 2 for tcp_ecn and 1 for fallback. Bump up to 2 to match the kernel.
Signed-off-by: Rosen Penev <rosenp at gmail.com>
defaults.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/defaults.c b/defaults.c
index 85a3750..68e40f5 100644
@@ -90,6 +90,7 @@ fw3_load_defaults(struct fw3_state *state, struct uci_package *p)
defs->syn_flood_rate.rate = 25;
defs->syn_flood_rate.burst = 50;
+ defs->tcp_ecn = 2;
defs->tcp_syncookies = true;
defs->tcp_window_scaling = true;
defs->custom_chains = true;
More information about the Lede-dev