| … | |
… | |
| 21 | net.ipv4.conf.all.rp_filter = 1 |
21 | net.ipv4.conf.all.rp_filter = 1 |
| 22 | |
22 | |
| 23 | # Enable SYN cookies (yum!) |
23 | # Enable SYN cookies (yum!) |
| 24 | # http://cr.yp.to/syncookies.html |
24 | # http://cr.yp.to/syncookies.html |
| 25 | #net.ipv4.tcp_syncookies = 1 |
25 | #net.ipv4.tcp_syncookies = 1 |
|
|
26 | |
|
|
27 | # Enable people in the specified (min, max) group range to send ICMP_ECHO |
|
|
28 | # messages (i.e. ping) and receive ICMP_ECHOREPLY responses. This allows |
|
|
29 | # you to run non-suid and non-caps `ping`, but it also means anyone with |
|
|
30 | # a gid in this range can send those packets (not just via `ping`). |
|
|
31 | #net.ipv4.ping_group_range = 100 100 |
| 26 | |
32 | |
| 27 | # Disable source route |
33 | # Disable source route |
| 28 | #net.ipv4.conf.all.accept_source_route = 0 |
34 | #net.ipv4.conf.all.accept_source_route = 0 |
| 29 | #net.ipv4.conf.default.accept_source_route = 0 |
35 | #net.ipv4.conf.default.accept_source_route = 0 |
| 30 | |
36 | |
Parent Directory
| 
Revision Log
| 
Patch