Changing icplim

Status
Not open for further replies.

whistlepigger

Dabbler
Joined
Jun 9, 2011
Messages
15
By default, net.inet.icmp.icmplim is set to 200 to perform icmp rate limiting.

According to the freebsd documentation, I can turn this off in 2 ways:
- editing /etc/sysctl.conf and adding the line net.inet.icmp.icmplim=0
- issuing a sysctl -w net.inet.icmp.icmplim=0

How can I make this permanently happen in freeNAS8 ? It appears that sysctl.conf gets rebuilt at startup, and if I add this line to /boot/loader.conf (after a mount -uw /), the entry is there in loader.conf after a reboot, but it seems to get ignored. Version 7x had areas in the GUI where you could set or modify parameters, but Version 8 seems to hide all this.

There are other settings, such as net.link.ether.inet.log_arp_movements, that I'd also like to change... so if I figure out how to set icplim, that might help with the others.

Thanks.
 

ohnename

Explorer
Joined
May 26, 2011
Messages
88
According to the freebsd documentation, I can turn this off in 2 ways:
- editing /etc/sysctl.conf and adding the line net.inet.icmp.icmplim=0

make your changes in /conf/base/etc (after a mount -uw /) because thats whats read on boot, it is also automatically changed in /etc after a reboot.
 

whistlepigger

Dabbler
Joined
Jun 9, 2011
Messages
15
Thanks ohnename..

I changed my file in /conf/base/etc, and the changes are persistent after a reboot, but the version in /etc does not reflect this:

#cat /conf/base/etc/sysctl.conf
... comments removed ...
kern.metadelay=3
kern.dirdelay=4
kern.filedelay=5
net.inet.icmp.icmplim=0

#cat /etc/sysctl.conf
vfs.nfsrv.async=0
kern.metadelay=3
kern.dirdelay=4
kern.filedelay=5
 

ohnename

Explorer
Joined
May 26, 2011
Messages
88
It seems that FN8 is using a custom file located at /conf/base/etc/rc.d/ix-sysctl
Add it there (after the 3 default lines) and it should be at /etc/sysctl.conf after a reboot
 

whistlepigger

Dabbler
Joined
Jun 9, 2011
Messages
15
Worked great! Thanks.

Too bad that we have to go hacking and embedding lines like that though.
If I apply updates in the future, I may have to hack it again.
I vote we bring back a mechanism for light customization.
:)
 
Status
Not open for further replies.
Top