/[baselayout]/trunk/etc.Linux/sysctl.conf
Gentoo

Contents of /trunk/etc.Linux/sysctl.conf

Parent Directory Parent Directory | Revision Log Revision Log


Revision 3205 - (show annotations) (download)
Fri Jan 25 05:58:58 2013 UTC (17 months, 2 weeks ago) by vapier
File MIME type: text/plain
File size: 1785 byte(s)
sysctl.conf: document new net.ipv4.ping_group_range option
1 # /etc/sysctl.conf
2 #
3 # For more information on how this file works, please see
4 # the manpages sysctl(8) and sysctl.conf(5).
5 #
6 # In order for this file to work properly, you must first
7 # enable 'Sysctl support' in the kernel.
8 #
9 # Look in /proc/sys/ for all the things you can setup.
10 #
11
12 # Disables packet forwarding
13 net.ipv4.ip_forward = 0
14 # Disables IP dynaddr
15 #net.ipv4.ip_dynaddr = 0
16 # Disable ECN
17 #net.ipv4.tcp_ecn = 0
18 # Enables source route verification
19 net.ipv4.conf.default.rp_filter = 1
20 # Enable reverse path
21 net.ipv4.conf.all.rp_filter = 1
22
23 # Enable SYN cookies (yum!)
24 # http://cr.yp.to/syncookies.html
25 #net.ipv4.tcp_syncookies = 1
26
27 # Enable people in the specified (min, max) group range to send ICMP_ECHO
28 # messages (i.e. ping) and receive ICMP_ECHOREPLY responses. This allows
29 # you to run non-suid and non-caps `ping`, but it also means anyone with
30 # a gid in this range can send those packets (not just via `ping`).
31 #net.ipv4.ping_group_range = 100 100
32
33 # Disable source route
34 #net.ipv4.conf.all.accept_source_route = 0
35 #net.ipv4.conf.default.accept_source_route = 0
36
37 # Disable redirects
38 #net.ipv4.conf.all.accept_redirects = 0
39 #net.ipv4.conf.default.accept_redirects = 0
40
41 # Disable secure redirects
42 #net.ipv4.conf.all.secure_redirects = 0
43 #net.ipv4.conf.default.secure_redirects = 0
44
45 # Ignore ICMP broadcasts
46 #net.ipv4.icmp_echo_ignore_broadcasts = 1
47
48 # Disables the magic-sysrq key
49 #kernel.sysrq = 0
50 # When the kernel panics, automatically reboot in 3 seconds
51 #kernel.panic = 3
52 # Allow for more PIDs (cool factor!); may break some programs
53 #kernel.pid_max = 999999
54
55 # You should compile nfsd into the kernel or add it
56 # to modules.autoload for this to work properly
57 # TCP Port for lock manager
58 #fs.nfs.nlm_tcpport = 0
59 # UDP Port for lock manager
60 #fs.nfs.nlm_udpport = 0

  ViewVC Help
Powered by ViewVC 1.1.20