| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 |
- # For more information on how this file works, please see
- # the manpages sysctl(8) and sysctl.conf(5).
- #
- # In order for this file to work properly, you must first
- # enable 'Sysctl support' in the kernel.
- #
- # Look in /proc/sys/ for all the things you can setup.
- #
- # Disables packet forwarding
- #net.ipv4.ip_forward = 0
- # Disables IP dynaddr
- #net.ipv4.ip_dynaddr = 0
- # Disable ECN
- #net.ipv4.tcp_ecn = 0
- # Enables source route verification
- net.ipv4.conf.default.rp_filter = 1
- # Enable reverse path
- net.ipv4.conf.all.rp_filter = 1
- # Enable SYN cookies
- # http://cr.yp.to/syncookies.html
- #net.ipv4.tcp_syncookies = 1
- # Disable source route
- #net.ipv4.conf.all.accept_source_route = 0
- #net.ipv4.conf.default.accept_source_route = 0
- # Disable redirects
- #net.ipv4.conf.all.accept_redirects = 0
- #net.ipv4.conf.default.accept_redirects = 0
- # Disable secure redirects
- #net.ipv4.conf.all.secure_redirects = 0
- #net.ipv4.conf.default.secure_redirects = 0
- # Enable NF_CONNTRACK_ACCT
- # net.netfilter.nf_conntrack_acct = 1
- # Ignore ICMP broadcasts
- net.ipv4.icmp_echo_ignore_broadcasts = 1
- # Disables the magic-sysrq key
- #kernel.sysrq = 0
- # When the kernel panics, automatically reboot in 3 seconds
- #kernel.panic = 3
- # Allow for more PIDs (cool factor!); may break some programs
- #kernel.pid_max = 999999
- # Controls whether core dumps will append the PID to the core filename.
- # Useful for debugging multi-threaded applications.
- kernel.core_uses_pid = 1
- # TCP Port for lock manager
- #fs.nfs.nlm_tcpport = 0
- # UDP Port for lock manager
- #fs.nfs.nlm_udpport = 0
- # default is 8k, nepomuk runs better with 512K
- fs.inotify.max_user_watches = 524288
|
