syncookies: remove Kconfig text line about disabled-by-default

syncookies default to on since e994b7c9 (tcp: Don't make syn cookies initial setting depend on CONFIG_SYSCTL). Signed-off-by: N Florian Westphal <fw@strlen.de> Signed-off-by: N David S. Miller <davem@davemloft.net>

syncookies: remove Kconfig text line about disabled-by-default
syncookies default to on since e994b7c9 (tcp: Don't make syn cookies initial setting depend on CONFIG_SYSCTL). Signed-off-by: N Florian Westphal <fw@strlen.de> Signed-off-by: N David S. Miller <davem@davemloft.net>
57f1553e · Florian Westphal · David S. Miller · ca739481 · 57f1553e
隐藏空白更改
内联并排

Showing with 5 addition and 5 deletion

net/ipv4/Kconfig net/ipv4/Kconfig +5 -5

未找到文件。
--- a/net/ipv4/Kconfig
+++ b/net/ipv4/Kconfig
@@ -303,7 +303,7 @@ config ARPD
 	  If unsure, say N.
 config SYN_COOKIES
-	bool "IP: TCP syncookie support (disabled per default)"
+	bool "IP: TCP syncookie support"
 	---help---
 	  Normal TCP/IP networking is open to an attack known as "SYN
 	  flooding". This denial-of-service attack prevents legitimate remote
@@ -328,13 +328,13 @@ config SYN_COOKIES
 	  server is really overloaded. If this happens frequently better turn
 	  them off.
-	  If you say Y here, note that SYN cookies aren't enabled by default;
+	  If you say Y here, you can disable SYN cookies at run time by
-	  you can enable them by saying Y to "/proc file system support" and
+	  saying Y to "/proc file system support" and
 	  "Sysctl support" below and executing the command
-	  echo 1 >/proc/sys/net/ipv4/tcp_syncookies
+	  echo 0 > /proc/sys/net/ipv4/tcp_syncookies
-	  at boot time after the /proc file system has been mounted.
+	  after the /proc file system has been mounted.
 	  If unsure, say N.