/*\r
- * FreeRTOS+TCP V2.0.1\r
+ * FreeRTOS+TCP V2.0.11\r
* Copyright (C) 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.\r
*\r
* Permission is hereby granted, free of charge, to any person obtaining a copy of\r
\r
#if( ipconfigUSE_DNS_CACHE != 0 )\r
#ifndef ipconfigDNS_CACHE_NAME_LENGTH\r
- #define ipconfigDNS_CACHE_NAME_LENGTH ( 16 )\r
+ /* Per https://tools.ietf.org/html/rfc1035, 253 is the maximum string length\r
+ of a DNS name. The following default accounts for a null terminator. */\r
+ #define ipconfigDNS_CACHE_NAME_LENGTH 254\r
#endif\r
\r
#ifndef ipconfigDNS_CACHE_ENTRIES\r
- #define ipconfigDNS_CACHE_ENTRIES 0\r
+ #define ipconfigDNS_CACHE_ENTRIES 1\r
#endif\r
#endif /* ipconfigUSE_DNS_CACHE != 0 */\r
\r
#define ipconfigUSE_NBNS 0\r
#endif\r
\r
+/* As an attack surface reduction for ports that listen for inbound \r
+connections, hang protection can help reduce the impact of SYN floods. */\r
#ifndef ipconfigTCP_HANG_PROTECTION\r
- #define ipconfigTCP_HANG_PROTECTION 0\r
+ #define ipconfigTCP_HANG_PROTECTION 1\r
+#endif\r
+\r
+/* Non-activity timeout is expressed in seconds. */\r
+#ifndef ipconfigTCP_HANG_PROTECTION_TIME\r
+ #define ipconfigTCP_HANG_PROTECTION_TIME 30\r
#endif\r
\r
#ifndef ipconfigTCP_IP_SANITY\r