From 8dc47ef6069cce08822735df00699072f4db236d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@FreeBSD.org>
Date: Mon, 13 Sep 1999 09:45:07 +0000
Subject: [PATCH] Fix disordering introduced in my previous commit.

Pointed out by:	bde
---
 etc/defaults/rc.conf |  2 +-
 sys/conf/NOTES       | 10 +++++-----
 sys/i386/conf/LINT   | 10 +++++-----
 sys/i386/conf/NOTES  | 10 +++++-----
 4 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index b62f6f9683e..3e87afaaa81 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -49,9 +49,9 @@ natd_flags=""                   # Additional flags for natd.
 tcp_extensions="NO"		# Set to YES to turn on RFC1323 extensions.
 log_in_vain="NO"		# YES to log connects to ports w/o listeners.
 tcp_keepalive="YES"		# Enable stale TCP connection timeout (or NO).
-tcp_restrict_rst="NO"		# Set to YES to restrict emission of RST
 tcp_drop_synfin="NO"		# Set to YES to drop TCP packets with SYN+FIN
 				# NOTE: this breaks rfc1644 extensions (T/TCP)
+tcp_restrict_rst="NO"		# Set to YES to restrict emission of RST
 icmp_drop_redirect="NO"		# Set to YES to ignore ICMP REDIRECT packets
 icmp_log_redirect="NO"		# Set to YES to log ICMP REDIRECT packets
 network_interfaces="auto"	# List of network interfaces (or "auto").
diff --git a/sys/conf/NOTES b/sys/conf/NOTES
index 3b8b8a7d907..ed50060dace 100644
--- a/sys/conf/NOTES
+++ b/sys/conf/NOTES
@@ -472,16 +472,16 @@ options 	TCPDEBUG
 # The following options add sysctl variables for controlling how certain
 # TCP packets are handled.
 # 
-# TCP_RESTRICT_RST adds support for blocking the emission of TCP RST packets.
-# This is useful on systems which are exposed to SYN floods (e.g. IRC servers)
-# or any system which one does not want to be easily portscannable.
-# 
 # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This
 # prevents nmap et al. from identifying the TCP/IP stack, but breaks support
 # for RFC1644 extensions and is not recommended for web servers.
 # 
-options 	TCP_RESTRICT_RST	#restrict emission of TCP RST
+# TCP_RESTRICT_RST adds support for blocking the emission of TCP RST packets.
+# This is useful on systems which are exposed to SYN floods (e.g. IRC servers)
+# or any system which one does not want to be easily portscannable.
+# 
 options 	TCP_DROP_SYNFIN		#drop TCP packets with SYN+FIN
+options 	TCP_RESTRICT_RST	#restrict emission of TCP RST
 
 # ICMP_BANDLIM enables icmp error response bandwidth limiting.   You
 # typically want this option as it will help protect the machine from
diff --git a/sys/i386/conf/LINT b/sys/i386/conf/LINT
index 3b8b8a7d907..ed50060dace 100644
--- a/sys/i386/conf/LINT
+++ b/sys/i386/conf/LINT
@@ -472,16 +472,16 @@ options 	TCPDEBUG
 # The following options add sysctl variables for controlling how certain
 # TCP packets are handled.
 # 
-# TCP_RESTRICT_RST adds support for blocking the emission of TCP RST packets.
-# This is useful on systems which are exposed to SYN floods (e.g. IRC servers)
-# or any system which one does not want to be easily portscannable.
-# 
 # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This
 # prevents nmap et al. from identifying the TCP/IP stack, but breaks support
 # for RFC1644 extensions and is not recommended for web servers.
 # 
-options 	TCP_RESTRICT_RST	#restrict emission of TCP RST
+# TCP_RESTRICT_RST adds support for blocking the emission of TCP RST packets.
+# This is useful on systems which are exposed to SYN floods (e.g. IRC servers)
+# or any system which one does not want to be easily portscannable.
+# 
 options 	TCP_DROP_SYNFIN		#drop TCP packets with SYN+FIN
+options 	TCP_RESTRICT_RST	#restrict emission of TCP RST
 
 # ICMP_BANDLIM enables icmp error response bandwidth limiting.   You
 # typically want this option as it will help protect the machine from
diff --git a/sys/i386/conf/NOTES b/sys/i386/conf/NOTES
index 3b8b8a7d907..ed50060dace 100644
--- a/sys/i386/conf/NOTES
+++ b/sys/i386/conf/NOTES
@@ -472,16 +472,16 @@ options 	TCPDEBUG
 # The following options add sysctl variables for controlling how certain
 # TCP packets are handled.
 # 
-# TCP_RESTRICT_RST adds support for blocking the emission of TCP RST packets.
-# This is useful on systems which are exposed to SYN floods (e.g. IRC servers)
-# or any system which one does not want to be easily portscannable.
-# 
 # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This
 # prevents nmap et al. from identifying the TCP/IP stack, but breaks support
 # for RFC1644 extensions and is not recommended for web servers.
 # 
-options 	TCP_RESTRICT_RST	#restrict emission of TCP RST
+# TCP_RESTRICT_RST adds support for blocking the emission of TCP RST packets.
+# This is useful on systems which are exposed to SYN floods (e.g. IRC servers)
+# or any system which one does not want to be easily portscannable.
+# 
 options 	TCP_DROP_SYNFIN		#drop TCP packets with SYN+FIN
+options 	TCP_RESTRICT_RST	#restrict emission of TCP RST
 
 # ICMP_BANDLIM enables icmp error response bandwidth limiting.   You
 # typically want this option as it will help protect the machine from