]>
Commit | Line | Data |
---|---|---|
cd1a2927 MT |
1 | net.ipv4.ip_forward = 1 |
2 | net.ipv4.ip_dynaddr = 1 | |
fa822954 | 3 | |
cd1a2927 MT |
4 | net.ipv4.icmp_echo_ignore_broadcasts = 1 |
5 | net.ipv4.icmp_ignore_bogus_error_responses = 1 | |
32c6ebdc MT |
6 | net.ipv4.icmp_ratelimit = 1000 |
7 | net.ipv4.icmp_ratemask = 6168 | |
cd1a2927 | 8 | |
cd1a2927 MT |
9 | net.ipv4.tcp_syncookies = 1 |
10 | net.ipv4.tcp_fin_timeout = 30 | |
cd1a2927 MT |
11 | net.ipv4.tcp_syn_retries = 3 |
12 | net.ipv4.tcp_synack_retries = 3 | |
13 | ||
ed37f707 | 14 | net.ipv4.conf.default.arp_filter = 1 |
cd1a2927 MT |
15 | net.ipv4.conf.default.rp_filter = 0 |
16 | net.ipv4.conf.default.accept_redirects = 0 | |
17 | net.ipv4.conf.default.accept_source_route = 0 | |
18 | net.ipv4.conf.default.log_martians = 1 | |
19 | ||
ed37f707 | 20 | net.ipv4.conf.all.arp_filter = 1 |
cd1a2927 MT |
21 | net.ipv4.conf.all.rp_filter = 0 |
22 | net.ipv4.conf.all.accept_redirects = 0 | |
23 | net.ipv4.conf.all.accept_source_route = 0 | |
24 | net.ipv4.conf.all.log_martians = 1 | |
25 | ||
26 | kernel.printk = 1 4 1 7 | |
832eec23 | 27 | vm.swappiness=0 |
dc931fba | 28 | vm.mmap_min_addr = 4096 |
d1605d08 | 29 | vm.min_free_kbytes = 8192 |
a30c7aa3 MT |
30 | |
31 | # Disable IPv6 by default. | |
32 | net.ipv6.conf.all.disable_ipv6 = 1 | |
33 | net.ipv6.conf.default.disable_ipv6 = 1 | |
1108a15c MT |
34 | |
35 | # Enable netfilter accounting | |
36 | net.netfilter.nf_conntrack_acct=1 |