system: a few more #7440

Leave vm.pmap.pti and hw.ibrs_disable im the sysctl tag for legacy
reasons at the moment keeping their "optional" status.

src/etc/config.xml.sample

@@ -3,36 +3,6 @@
   <trigger_initial_wizard/>
   <theme>opnsense</theme>
   <sysctl>
-    <item>
-      <descr><![CDATA[Generate SYN cookies for outbound SYN-ACK packets]]></descr>
-      <tunable>net.inet.tcp.syncookies</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (receive)]]></descr>
-      <tunable>net.inet.tcp.recvspace</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (send)]]></descr>
-      <tunable>net.inet.tcp.sendspace</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[Do not delay ACK to try and piggyback it onto a data packet]]></descr>
-      <tunable>net.inet.tcp.delayed_ack</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[Enable TCP extended debugging]]></descr>
-      <tunable>net.inet.tcp.log_debug</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[TCP Offload Engine]]></descr>
-      <tunable>net.inet.tcp.tso</tunable>
-      <value>default</value>
-    </item>
     <item>
       <descr><![CDATA[Page Table Isolation (Meltdown mitigation, requires reboot.)]]></descr>
       <tunable>vm.pmap.pti</tunable>

src/etc/inc/system.inc

@@ -95,13 +95,13 @@ function system_sysctl_defaults()
         'net.inet.ip.redirect' => [ 'default' => '0' ],
         'net.inet.ip.sourceroute' => [ 'default' => '0' ],
         'net.inet.tcp.blackhole' => [ 'default' => '2' ],
-        'net.inet.tcp.delayed_ack' => [ 'default' => '0', 'optional' => true ],
+        'net.inet.tcp.delayed_ack' => [ 'default' => '0' ],
         'net.inet.tcp.drop_synfin' => [ 'default' => '1' ],
-        'net.inet.tcp.log_debug' => [ 'default' => '0', 'optional' => true ],
-        'net.inet.tcp.recvspace' => [ 'default' => '65228', 'optional' => true ],
-        'net.inet.tcp.sendspace' => [ 'default' => '65228' , 'optional' => true],
-        'net.inet.tcp.syncookies' => [ 'default' => '1', 'optional' => true ],
-        'net.inet.tcp.tso' => [ 'default' => '1', 'optional' => true ],
+        'net.inet.tcp.log_debug' => [ 'default' => '0' ],
+        'net.inet.tcp.recvspace' => [ 'default' => '65228' ],
+        'net.inet.tcp.sendspace' => [ 'default' => '65228' ],
+        'net.inet.tcp.syncookies' => [ 'default' => '1' ],
+        'net.inet.tcp.tso' => [ 'default' => '1' ],
         'net.inet.udp.blackhole' => [ 'default' => '1' ],
         'net.inet.udp.checksum' => [ 'default' => 1 ],
         'net.inet.udp.maxdgram' => [ 'default' => '57344' ],

src/opnsense/mvc/tests/app/models/OPNsense/ACL/AclConfig/config.xml

@@ -3,36 +3,6 @@
   <trigger_initial_wizard/>
   <theme>opnsense</theme>
   <sysctl>
-    <item>
-      <descr><![CDATA[Generate SYN cookies for outbound SYN-ACK packets]]></descr>
-      <tunable>net.inet.tcp.syncookies</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (receive)]]></descr>
-      <tunable>net.inet.tcp.recvspace</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (send)]]></descr>
-      <tunable>net.inet.tcp.sendspace</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[Do not delay ACK to try and piggyback it onto a data packet]]></descr>
-      <tunable>net.inet.tcp.delayed_ack</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[Enable TCP extended debugging]]></descr>
-      <tunable>net.inet.tcp.log_debug</tunable>
-      <value>default</value>
-    </item>
-    <item>
-      <descr><![CDATA[TCP Offload Engine]]></descr>
-      <tunable>net.inet.tcp.tso</tunable>
-      <value>default</value>
-    </item>
     <item>
       <descr><![CDATA[Page Table Isolation (Meltdown mitigation, requires reboot.)]]></descr>
       <tunable>vm.pmap.pti</tunable>