FastHandle is fast operation tools for infrastructure configurations and tests.
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
os:linux:set:kernel:etc_sysctl.conf.html [2017/12/21 01:30] kurihara ↷ Links adapted because of a move operation |
os:linux:set:kernel:etc_sysctl.conf.html [2018/02/17 01:43] kurihara |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ~~NOTOC~~ | + | [[os:linux: |
- | [[os: | + | ====== / |
- | ====== / | + | |
+ | \\ | ||
+ | {{INLINETOC}} | ||
+ | \\ | ||
- | ===== / | + | ===== My / |
Line 63: | Line 65: | ||
kernel.pid_max = 131072 | kernel.pid_max = 131072 | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | ===== CentOS7 Defautl / | ||
+ | |||
+ | <sxh bash toolbar: | ||
+ | # System default settings live in / | ||
+ | # To override those settings, enter new settings here, or in an / | ||
+ | # | ||
+ | # For more information, | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | ===== Ubuntu16.0.4 Default / | ||
+ | |||
+ | <sxh bash toolbar: | ||
+ | # | ||
+ | # / | ||
+ | # See / | ||
+ | # See sysctl.conf (5) for information. | ||
+ | # | ||
+ | |||
+ | # | ||
+ | |||
+ | # Uncomment the following to stop low-level messages on console | ||
+ | # | ||
+ | |||
+ | ############################################################## | ||
+ | # Functions previously found in netbase | ||
+ | # | ||
+ | |||
+ | # Uncomment the next two lines to enable Spoof protection (reverse-path filter) | ||
+ | # Turn on Source Address Verification in all interfaces to | ||
+ | # prevent some spoofing attacks | ||
+ | # | ||
+ | # | ||
+ | |||
+ | # Uncomment the next line to enable TCP/IP SYN cookies | ||
+ | # See http:// | ||
+ | # Note: This may impact IPv6 TCP sessions too | ||
+ | # | ||
+ | |||
+ | # Uncomment the next line to enable packet forwarding for IPv4 | ||
+ | net.ipv4.ip_forward=1 | ||
+ | |||
+ | # Uncomment the next line to enable packet forwarding for IPv6 | ||
+ | # Enabling this option disables Stateless Address Autoconfiguration | ||
+ | # based on Router Advertisements for this host | ||
+ | # | ||
+ | |||
+ | |||
+ | ################################################################### | ||
+ | # Additional settings - these settings can improve the network | ||
+ | # security of the host and prevent against some network attacks | ||
+ | # including spoofing attacks and man in the middle attacks through | ||
+ | # redirection. Some network environments, | ||
+ | # settings are disabled so review and enable them as needed. | ||
+ | # | ||
+ | # Do not accept ICMP redirects (prevent MITM attacks) | ||
+ | # | ||
+ | # | ||
+ | # _or_ | ||
+ | # Accept ICMP redirects only for gateways listed in our default | ||
+ | # gateway list (enabled by default) | ||
+ | # net.ipv4.conf.all.secure_redirects = 1 | ||
+ | # | ||
+ | # Do not send ICMP redirects (we are not a router) | ||
+ | # | ||
+ | # | ||
+ | # Do not accept IP source route packets (we are not a router) | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # Log Martian Packets | ||
+ | # | ||
+ | # | ||
+ | |||
+ | net.ipv6.conf.all.disable_ipv6 = 1 | ||
+ | net.ipv6.conf.default.disable_ipv6 = 1 | ||
+ | net.ipv6.conf.default.autoconf=0 | ||
</ | </ | ||
Line 73: | Line 155: | ||
\\ | \\ | ||
\\ | \\ | ||
- | [[os: | + | [[os:linux: |
My Sites
SNS
Copyright (c) 2024 FastHandle - IT Operations Examples All Rights Reserved.