ipvs: secure_tcp does provide alternate state timeouts

Also reword the test to make it read more easily (to me) Signed-off-by: N Simon Horman <horms@verge.net.au> Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>

ipvs: secure_tcp does provide alternate state timeouts
Also reword the test to make it read more easily (to me) Signed-off-by: N Simon Horman <horms@verge.net.au> Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>
325aadc8 · Simon Horman · Pablo Neira Ayuso · b6338b55 · 325aadc8
隐藏空白更改
内联并排

Showing with 4 addition and 6 deletion

Documentation/networking/ipvs-sysctl.txt Documentation/networking/ipvs-sysctl.txt +4 -6

未找到文件。
--- a/Documentation/networking/ipvs-sysctl.txt
+++ b/Documentation/networking/ipvs-sysctl.txt
@@ -140,13 +140,11 @@ nat_icmp_send - BOOLEAN
 secure_tcp - INTEGER
        0  - disabled (default)

-        The secure_tcp defense is to use a more complicated state
-        transition table and some possible short timeouts of each
-        state. In the VS/NAT, it delays the entering the ESTABLISHED
-        until the real server starts to send data and ACK packet
-        (after 3-way handshake).
+	The secure_tcp defense is to use a more complicated TCP state
+	transition table. For VS/NAT, it also delays entering the
+	TCP ESTABLISHED state until the three way handshake is completed.

-        The value definition is the same as that of drop_entry or
+        The value definition is the same as that of drop_entry and
        drop_packet.

 sync_threshold - INTEGER