Differences

This shows you the differences between two versions of the page.

--- os:linux:set:kernel:etc_sysctl.conf.html [2017/11/18 01:30]
kurihara
+++ os:linux:set:kernel:etc_sysctl.conf.html [2018/02/17 01:43] (current)
kurihara
@@ Line 1: / Line 1: @@
-[[os:index.html|]]
+[[os:linux:set:index.html]]
-====== Configuration of /etc/sysctl.conf ======
+====== /etc/sysctl.conf Example Configuration======
+\\
+{{INLINETOC}}
+\\
-===== /etc/sysctl.conf =====
+===== My /etc/sysctl.conf =====
@@ Line 31: / Line 34: @@
 # Network
 #------------------------------------------------------------------------------
-# keepalive
+# TCP keepalive
 net.ipv4.tcp_keepalive_time = 60  # defautl 7200
 net.ipv4.tcp_keepalive_intvl = 3  # default 75
@@ Line 38: / Line 41: @@
 # 60sec + 3sec * 9 = 567sec = 9.56min
+# tcp connection
-# disable IPv6
+net.nf_conntrack_max = 1048576
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.lo.disable_ipv6 = 1
-net.ipv6.conf.default.disable_ipv6 = 1
 # port exhaustion
@@ Line 52: / Line 52: @@
 net.ipv4.tcp_tw_reuse = 1
+# disable IPv6 (CentOS7)
+net.ipv6.conf.all.disable_ipv6 = 1
+net.ipv6.conf.lo.disable_ipv6 = 1
+net.ipv6.conf.default.disable_ipv6 = 1
@@ Line 62: / Line 67: @@
 </sxh>
+\\
+===== CentOS7 Defautl /etc/sysctl.conf =====
+<sxh bash toolbar:false gutter:false>
+# System default settings live in /usr/lib/sysctl.d/00-system.conf.
+# To override those settings, enter new settings here, or in an /etc/sysctl.d/<name>.conf file
+#
+# For more information, see sysctl.conf(5) and sysctl.d(5).
+</sxh>
+\\
+===== Ubuntu16.0.4 Default /etc/sysctl.conf =====
+<sxh bash toolbar:false gutter:false>
+#
+# /etc/sysctl.conf - Configuration file for setting system variables
+# See /etc/sysctl.d/ for additional system variables.
+# See sysctl.conf (5) for information.
+#
+#kernel.domainname = example.com
+# Uncomment the following to stop low-level messages on console
+#kernel.printk = 3 4 1 3
+##############################################################3
+# Functions previously found in netbase
+#
+# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
+# Turn on Source Address Verification in all interfaces to
+# prevent some spoofing attacks
+#net.ipv4.conf.default.rp_filter=1
+#net.ipv4.conf.all.rp_filter=1
+# Uncomment the next line to enable TCP/IP SYN cookies
+# See http://lwn.net/Articles/277146/
+# Note: This may impact IPv6 TCP sessions too
+#net.ipv4.tcp_syncookies=1
+# Uncomment the next line to enable packet forwarding for IPv4
+net.ipv4.ip_forward=1
+# Uncomment the next line to enable packet forwarding for IPv6
+#  Enabling this option disables Stateless Address Autoconfiguration
+#  based on Router Advertisements for this host
+#net.ipv6.conf.all.forwarding=1
+###################################################################
+# Additional settings - these settings can improve the network
+# security of the host and prevent against some network attacks
+# including spoofing attacks and man in the middle attacks through
+# redirection. Some network environments, however, require that these
+# settings are disabled so review and enable them as needed.
+#
+# Do not accept ICMP redirects (prevent MITM attacks)
+#net.ipv4.conf.all.accept_redirects = 0
+#net.ipv6.conf.all.accept_redirects = 0
+# _or_
+# Accept ICMP redirects only for gateways listed in our default
+# gateway list (enabled by default)
+# net.ipv4.conf.all.secure_redirects = 1
+#
+# Do not send ICMP redirects (we are not a router)
+#net.ipv4.conf.all.send_redirects = 0
+#
+# Do not accept IP source route packets (we are not a router)
+#net.ipv4.conf.all.accept_source_route = 0
+#net.ipv6.conf.all.accept_source_route = 0
+#
+# Log Martian Packets
+#net.ipv4.conf.all.log_martians = 1
+#
+net.ipv6.conf.all.disable_ipv6 = 1
+net.ipv6.conf.default.disable_ipv6 = 1
+net.ipv6.conf.default.autoconf=0
+</sxh>
+\\
+<WRAP box 90%>
+<catlist ..: -noAddPageButton -smallHead>
+</WRAP>
 \\
 \\
-[[os:index.html|]]
+[[os:linux:set:index.html]]

FastHandle - IT Operations Examples

User Tools

Site Tools

Differences

Page Tools