Annotation of embedaddon/strongswan/testing/hosts/default/etc/sysctl.conf, revision 1.1.1.1
1.1 misho 1: #
2: # /etc/sysctl.conf - Configuration file for setting system variables
3: # See /etc/sysctl.d/ for additional system variables
4: # See sysctl.conf (5) for information.
5: #
6:
7: #kernel.domainname = example.com
8:
9: # Uncomment the following to stop low-level messages on console
10: #kernel.printk = 3 4 1 3
11:
12: ##############################################################3
13: # Functions previously found in netbase
14: #
15:
16: # Uncomment the next two lines to enable Spoof protection (reverse-path filter)
17: # Turn on Source Address Verification in all interfaces to
18: # prevent some spoofing attacks
19: #net.ipv4.conf.default.rp_filter=1
20: #net.ipv4.conf.all.rp_filter=1
21:
22: # Uncomment the next line to enable TCP/IP SYN cookies
23: # See http://lwn.net/Articles/277146/
24: # Note: This may impact IPv6 TCP sessions too
25: #net.ipv4.tcp_syncookies=1
26:
27: # Uncomment the next line to enable packet forwarding for IPv4
28: net.ipv4.ip_forward=1
29:
30: # Uncomment the next line to enable packet forwarding for IPv6
31: # Enabling this option disables Stateless Address Autoconfiguration
32: # based on Router Advertisements for this host
33: net.ipv6.conf.all.forwarding=1
34:
35:
36: ###################################################################
37: # Additional settings - these settings can improve the network
38: # security of the host and prevent against some network attacks
39: # including spoofing attacks and man in the middle attacks through
40: # redirection. Some network environments, however, require that these
41: # settings are disabled so review and enable them as needed.
42: #
43: # Do not accept ICMP redirects (prevent MITM attacks)
44: #net.ipv4.conf.all.accept_redirects = 0
45: #net.ipv6.conf.all.accept_redirects = 0
46: # _or_
47: # Accept ICMP redirects only for gateways listed in our default
48: # gateway list (enabled by default)
49: # net.ipv4.conf.all.secure_redirects = 1
50: #
51: # Do not send ICMP redirects (we are not a router)
52: #net.ipv4.conf.all.send_redirects = 0
53: #
54: # Do not accept IP source route packets (we are not a router)
55: #net.ipv4.conf.all.accept_source_route = 0
56: #net.ipv6.conf.all.accept_source_route = 0
57: #
58: # Log Martian Packets
59: #net.ipv4.conf.all.log_martians = 1
60:
61: # Enable coredump for suid binaries
62: fs.suid_dumpable = 1
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sysctl.conf CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / hosts / default / etc