Here are my sysctl net settings:
net.inet.ip.forwarding=1 net.inet.ip.redirect=1 net.inet.ip.ttl=64 net.inet.ip.sourceroute=0 net.inet.ip.directed-broadcast=0 net.inet.ip.portfirst=1024 net.inet.ip.portlast=49151 net.inet.ip.porthifirst=49152 net.inet.ip.porthilast=65535 net.inet.ip.maxqueue=300 net.inet.ip.encdebug=0 net.inet.ip.ipsec-expire-acquire=30 net.inet.ip.ipsec-invalid-life=60 net.inet.ip.ipsec-pfs=1 net.inet.ip.ipsec-soft-allocs=0 net.inet.ip.ipsec-allocs=0 net.inet.ip.ipsec-soft-bytes=0 net.inet.ip.ipsec-bytes=0 net.inet.ip.ipsec-timeout=86400 net.inet.ip.ipsec-soft-timeout=80000 net.inet.ip.ipsec-soft-firstuse=3600 net.inet.ip.ipsec-firstuse=7200 net.inet.ip.ipsec-enc-alg=aes net.inet.ip.ipsec-auth-alg=hmac-sha1 net.inet.ip.mtudisc=1 net.inet.ip.mtudisctimeout=600 net.inet.ip.ipsec-comp-alg=deflate net.inet.ip.ifq.len=0 net.inet.ip.ifq.maxlen=256 net.inet.ip.ifq.drops=0 net.inet.ip.mforwarding=0 net.inet.ip.multipath=0 net.inet.ip.mrtproto=19 net.inet.icmp.maskrepl=0 net.inet.icmp.bmcastecho=0 net.inet.icmp.errppslimit=100 net.inet.icmp.rediraccept=1 net.inet.icmp.redirtimeout=600 net.inet.icmp.tstamprepl=1 net.inet.ipip.allow=0 net.inet.tcp.rfc1323=1 net.inet.tcp.keepinittime=150 net.inet.tcp.keepidle=14400 net.inet.tcp.keepintvl=150 net.inet.tcp.slowhz=2 net.inet.tcp.baddynamic=587,749,750,751,871 net.inet.tcp.recvspace=16384 net.inet.tcp.sendspace=16384 net.inet.tcp.sack=1 net.inet.tcp.mssdflt=512 net.inet.tcp.rstppslimit=100 net.inet.tcp.ackonpush=0 net.inet.tcp.ecn=0 net.inet.tcp.syncachelimit=10255 net.inet.tcp.synbucketlimit=105 net.inet.tcp.rfc3390=1 net.inet.tcp.reasslimit=3072 net.inet.tcp.sackholelimit=32768 net.inet.udp.checksum=1 net.inet.udp.baddynamic=623,664,749,750,751 net.inet.udp.recvspace=41600 net.inet.udp.sendspace=9216 net.inet.gre.allow=1 net.inet.gre.wccp=0 net.inet.esp.enable=1 net.inet.esp.udpencap=1 net.inet.esp.udpencap_port=4500 net.inet.ah.enable=1 net.inet.mobileip.allow=0 net.inet.etherip.allow=0 net.inet.ipcomp.enable=0 net.inet.carp.allow=1 net.inet.carp.preempt=0 net.inet.carp.log=0 -- View this message in context: http://www.nabble.com/Firewall-4.3-is-limiting-bandwidth-tp21720950p21795381.html Sent from the openbsd user - misc mailing list archive at Nabble.com.
