diff options
Diffstat (limited to 'Documentation/networking')
| -rw-r--r-- | Documentation/networking/ipvs-sysctl.txt | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/Documentation/networking/ipvs-sysctl.txt b/Documentation/networking/ipvs-sysctl.txt index 1dcdd49594c4..13610e3bcf92 100644 --- a/Documentation/networking/ipvs-sysctl.txt +++ b/Documentation/networking/ipvs-sysctl.txt | |||
| @@ -140,13 +140,11 @@ nat_icmp_send - BOOLEAN | |||
| 140 | secure_tcp - INTEGER | 140 | secure_tcp - INTEGER |
| 141 | 0 - disabled (default) | 141 | 0 - disabled (default) |
| 142 | 142 | ||
| 143 | The secure_tcp defense is to use a more complicated state | 143 | The secure_tcp defense is to use a more complicated TCP state |
| 144 | transition table and some possible short timeouts of each | 144 | transition table. For VS/NAT, it also delays entering the |
| 145 | state. In the VS/NAT, it delays the entering the ESTABLISHED | 145 | TCP ESTABLISHED state until the three way handshake is completed. |
| 146 | until the real server starts to send data and ACK packet | ||
| 147 | (after 3-way handshake). | ||
| 148 | 146 | ||
| 149 | The value definition is the same as that of drop_entry or | 147 | The value definition is the same as that of drop_entry and |
| 150 | drop_packet. | 148 | drop_packet. |
| 151 | 149 | ||
| 152 | sync_threshold - INTEGER | 150 | sync_threshold - INTEGER |