![]() Mobo: LENOVO model: 20MFCTO1WW v: SDK0R32862 WIN Type: Laptop System: LENOVO product: 20MFCTO1WW v: ThinkPad X1 Extreme V: 4.16.1 vt: 7 dm: LightDM v: 1.30.0 Distro: Manjaro Linux base: Arch Linux Unfortunately there was a bug in the incremental TCPĬhecksum update, resulting in broken TCP checksums on little endian machines.Kernel: 5.17.1-3-MANJARO arch: x86_64 bits: 64 compiler: gcc v: 11.2.0 The 2.4.20 kernel included the new iptables 'ECN' target, enabling a selectiveĮCN disable mechanism. The logging is kept to notify the admin on the violation of the givenprotocol.Ġ5_ECN-tcpchecksum-littleendian-fix.patch: The logging is converted to debugging (not enabled by default), otherwise When the conntrack helper is registered with the reuse flag enabled, then The patch fixes the problem by separating the two possible cases: Triggered when a client tries to download/list non-existent entries inĪctive mode and then wants to download other files as well. (or something like this), The patch makes ipt_REJECT verify UDP checksums if set.Īs 2.4.20 came out with newnat included, there were several reports onĮxcessive logging of reused FTP expectations.Ī tcpdump (thanks to jpiszcz) proved that such log entries can easily be (as described in phrack #60, "broken crc firewall spotting" Invalid checksums, thereby exposing the existance of a firewall Ipt_REJECT sends unreachables in response to UDP packets with ![]() This patch is necessarry for UDP nat helpers Make ip_nat_resize_packet() more generic (TCP and UDP)Īdd ip_nat_mangle_udp_packet() function similar to # Network -1914,13 +1895,7 CONFIG_GRKERNSEC_SOCKET is not set +# CONFIG_GRKERNSEC_AUDIT_MOUNT is not set +# CONFIG_GRKERNSEC_AUDIT_CHDIR is not set +# CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set +# CONFIG_GRKERNSEC_AUDIT_GROUP is not set +# CONFIG_GRKERNSEC_PROC_MEMMAP is not set ![]() +# CONFIG_GRKERNSEC_PAX_NOEXEC is not set +# CONFIG_FBCON_SPLASHSCREEN is not -1809,9 +1819,6 CONFIG_DEBUG_SPINLOCK is not set # CONFIG_MTD is not -176,6 +183,7 CONFIG_CDROM_PKTCDVD is not -406,7 +414,7 CONFIG_IPSEC_ALG_NON_LIBRE is not -512,7 +520,6 CONFIG_SCSI_DEBUG_QUEUES is not set # CONFIG_APM_IGNORE_USER_SUSPEND is not -114,6 +116,11 CONFIG_APM_REAL_MODE_POWER_OFF is not set # CONFIG_HOTPLUG_PCI_ACPI is not -103,7 +106,6 CONFIG_ACPI is not set # CONFIG_PCI_GODIRECT is not -92,7 +96,6 CONFIG_HOTPLUG_PCI_COMPAQ_NVRAM is not set ![]() # CONFIG_M586 is not -55,16 +57,18 CONFIG_HIGHMEM is not set Los kernels destinados a los sistemas de escritorio. Guardada la configuración para los kernels destinados a servidores yĢ.4.20.nf la configuración para Las diferencias principales son: los sistemas deĮscritorio no poseeran soporte multiprocesador y la configuración de grsecurityĮs menos restrictiva que para los servidores.Ī continuación veremos la salida del comando: La configuración del kernel varía dependiendo de si este está destinado a servidores Diferencias entre la instalación por Debootstrap y la tradicional 7. Uso de XML para distintas partes de la distribución 6. Posibles opciones para el /etc/fstab 4.5. ![]() Eliminar servicios no importantes de /etc/nf 4.4. Uso de shadow passwords y claves md5 4.2. Cambios propuestos a la configuración por defecto de Debian 4.1. Divisiones del núcleo de metadistros 3.1. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |