From 0f35a7446b6610fb34f0eb32d883b9b9740e3a6c Mon Sep 17 00:00:00 2001 From: Matthijs Kooijman Date: Mon, 27 Apr 2009 09:28:33 +0200 Subject: [PATCH] system: Remove all commented entries from sysctl.conf. --- etc/sysctl.conf | 67 ++----------------------------------------------- 1 file changed, 2 insertions(+), 65 deletions(-) diff --git a/etc/sysctl.conf b/etc/sysctl.conf index 6cd0aeb..4c0e782 100644 --- a/etc/sysctl.conf +++ b/etc/sysctl.conf @@ -1,67 +1,4 @@ -# # /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additonal system variables -# See sysctl.conf (5) for information. -# - -#kernel.domainname = example.com - -# Uncomment the following to stop low-level messages on console -#kernel.printk = 4 4 1 7 - -##############################################################3 -# Functions previously found in netbase -# - -# Uncomment the next two lines to enable Spoof protection (reverse-path filter) -# Turn on Source Address Verification in all interfaces to -# prevent some spoofing attacks -#net.ipv4.conf.default.rp_filter=1 -#net.ipv4.conf.all.rp_filter=1 - -# Uncomment the next line to enable TCP/IP SYN cookies -# This disables TCP Window Scaling (http://lkml.org/lkml/2008/2/5/167), -# and is not recommended. -#net.ipv4.tcp_syncookies=1 - -# Uncomment the next line to enable packet forwarding for IPv4 -#net.ipv4.ip_forward=1 - -# Uncomment the next line to enable packet forwarding for IPv6 -#net.ipv6.conf.all.forwarding=1 - - -################################################################### -# Additional settings - these settings can improve the network -# security of the host and prevent against some network attacks -# including spoofing attacks and man in the middle attacks through -# redirection. Some network environments, however, require that these -# settings are disabled so review and enable them as needed. -# -# Ignore ICMP broadcasts -#net.ipv4.icmp_echo_ignore_broadcasts = 1 -# -# Ignore bogus ICMP errors -#net.ipv4.icmp_ignore_bogus_error_responses = 1 -# -# Do not accept ICMP redirects (prevent MITM attacks) -#net.ipv4.conf.all.accept_redirects = 0 -#net.ipv6.conf.all.accept_redirects = 0 -# _or_ -# Accept ICMP redirects only for gateways listed in our default -# gateway list (enabled by default) -# net.ipv4.conf.all.secure_redirects = 1 -# -# Do not send ICMP redirects (we are not a router) -#net.ipv4.conf.all.send_redirects = 0 -# -# Do not accept IP source route packets (we are not a router) -#net.ipv4.conf.all.accept_source_route = 0 -#net.ipv6.conf.all.accept_source_route = 0 -# -# Log Martian Packets -#net.ipv4.conf.all.log_martians = 1 -# -# The contents of /proc//maps and smaps files are only visible to -# readers that are allowed to ptrace() the process -# kernel.maps_protect = 1 +# See Documentation/sysctl and Documentation/net/ip-sysctl.txt for more info on +# the meaning of vars. -- 2.30.2