making NMAP's job harder on FreeBSD

["David O'Brien" <obrien () FreeBSD ORG>]

This just went into FreeBSD 4.0-CURRENT (the development branch).
I expect it will also appear in 3.3-RELEASE (mid-sept).

----- Forwarded message
Date: Wed, 18 Aug 1999 08:40:06 -0700 (PDT)
Subject: cvs commit: src/sys/netinet tcp_input.c

  Modified files:
    sys/netinet          tcp_input.c 
  Log:
  Slight tweak to tcp.blackhole to add optional behaviour to
  drop any segment arriving at a closed port.
  tcp.blackhole=1 - only drop SYN without RST
  tcp.blackhole=2 - drop everything without RST
  tcp.blackhole=0 - always send RST - default behaviour
  
  This confuses nmap -sF or -sX or -sN quite badly.
  
  Revision  Changes    Path
  1.89      +26 -9     src/sys/netinet/tcp_input.c
----- End forwarded message -----