X-Git-Url: https://git.stderr.nl/gitweb?a=blobdiff_plain;f=etc%2Fsysctl.conf;h=4c0e782737772b318dfc7c81699f52387ac910c8;hb=0f35a7446b6610fb34f0eb32d883b9b9740e3a6c;hp=6cd0aebad18b3414ab21b3b93e77bc4d734885a5;hpb=8461477e00d5912d57fc3bec528e80bf98e807a7;p=matthijs%2Fservers%2Fdrsnuggles.git diff --git a/etc/sysctl.conf b/etc/sysctl.conf index 6cd0aeb..4c0e782 100644 --- a/etc/sysctl.conf +++ b/etc/sysctl.conf @@ -1,67 +1,4 @@ -# # /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additonal system variables -# See sysctl.conf (5) for information. -# - -#kernel.domainname = example.com - -# Uncomment the following to stop low-level messages on console -#kernel.printk = 4 4 1 7 - -##############################################################3 -# Functions previously found in netbase -# - -# Uncomment the next two lines to enable Spoof protection (reverse-path filter) -# Turn on Source Address Verification in all interfaces to -# prevent some spoofing attacks -#net.ipv4.conf.default.rp_filter=1 -#net.ipv4.conf.all.rp_filter=1 - -# Uncomment the next line to enable TCP/IP SYN cookies -# This disables TCP Window Scaling (http://lkml.org/lkml/2008/2/5/167), -# and is not recommended. -#net.ipv4.tcp_syncookies=1 - -# Uncomment the next line to enable packet forwarding for IPv4 -#net.ipv4.ip_forward=1 - -# Uncomment the next line to enable packet forwarding for IPv6 -#net.ipv6.conf.all.forwarding=1 - - -################################################################### -# Additional settings - these settings can improve the network -# security of the host and prevent against some network attacks -# including spoofing attacks and man in the middle attacks through -# redirection. Some network environments, however, require that these -# settings are disabled so review and enable them as needed. -# -# Ignore ICMP broadcasts -#net.ipv4.icmp_echo_ignore_broadcasts = 1 -# -# Ignore bogus ICMP errors -#net.ipv4.icmp_ignore_bogus_error_responses = 1 -# -# Do not accept ICMP redirects (prevent MITM attacks) -#net.ipv4.conf.all.accept_redirects = 0 -#net.ipv6.conf.all.accept_redirects = 0 -# _or_ -# Accept ICMP redirects only for gateways listed in our default -# gateway list (enabled by default) -# net.ipv4.conf.all.secure_redirects = 1 -# -# Do not send ICMP redirects (we are not a router) -#net.ipv4.conf.all.send_redirects = 0 -# -# Do not accept IP source route packets (we are not a router) -#net.ipv4.conf.all.accept_source_route = 0 -#net.ipv6.conf.all.accept_source_route = 0 -# -# Log Martian Packets -#net.ipv4.conf.all.log_martians = 1 -# -# The contents of /proc//maps and smaps files are only visible to -# readers that are allowed to ptrace() the process -# kernel.maps_protect = 1 +# See Documentation/sysctl and Documentation/net/ip-sysctl.txt for more info on +# the meaning of vars.