Security – net.inet.tcp.blackhole option on Fedora

fedora, security, sysctl

This link on freebsdblog.org suggests a configuration option for FreeBSD that tells the system to drop all packages arriving from the network to a closed port, thus somewhat securing your system and also saving some upload bandwidth as well as CPU time. These are the shell commands to run:

sysctl net.inet.tcp.blackhole=2
sysctl net.inet.udp.blackhole=1

and you should also insert this into the /etc/sysctl.conf file so the settings survive a server reboot:

net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1

That's cool so far, but my Fedora Linux box keeps saying

error: "net.inet.tcp.blackhole" is an unknown key

The quoted parameter names are not listed under /proc/sys, and not returned by sysctl -a.

I found no reference to this problem online. Am I missing something? Do these parameter names differ under Fedora? Do I need some additional package to have this functionality?

Any help is greatly appreciated.

Best Answer

You do realise that Fedora isn't FreeBSD, don't you? To do something similar to this in a Linux distribution, just set the policy on your firewall to be DROP.
