FastHandle - IT Operations Examples

FastHandle is fast operation tools for infrastructure configurations and tests.

User Tools

Site Tools


os:linux:set:kernel:etc_sysctl.conf.html



Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
os:linux:set:kernel:etc_sysctl.conf.html [2018/01/07 23:50]
kurihara ↷ Page moved from os:set:etc_sysctl.conf.html to os:set:kernel:etc_sysctl.conf.html
os:linux:set:kernel:etc_sysctl.conf.html [2018/02/17 01:43] (current)
kurihara
Line 1: Line 1:
-~~NOTOC~~ +[[os:linux:set:index.html]] 
-[[os:set:index.html]] +====== /etc/sysctl.conf Example Configuration======
-====== /etc/sysctl.conf======+
  
 +\\
 +{{INLINETOC}}
 +\\
  
-===== /etc/sysctl.conf =====+===== My /etc/sysctl.conf =====
  
  
Line 63: Line 65:
 kernel.pid_max = 131072   # default 32768 kernel.pid_max = 131072   # default 32768
  
 +</sxh>
 +
 +\\
 +===== CentOS7 Defautl /etc/sysctl.conf =====
 +
 +<sxh bash toolbar:false gutter:false>
 +# System default settings live in /usr/lib/sysctl.d/00-system.conf.
 +# To override those settings, enter new settings here, or in an /etc/sysctl.d/<name>.conf file
 +#
 +# For more information, see sysctl.conf(5) and sysctl.d(5).
 +</sxh>
 +
 +\\
 +===== Ubuntu16.0.4 Default /etc/sysctl.conf =====
 +
 +<sxh bash toolbar:false gutter:false>
 +#
 +# /etc/sysctl.conf - Configuration file for setting system variables
 +# See /etc/sysctl.d/ for additional system variables.
 +# See sysctl.conf (5) for information.
 +#
 +
 +#kernel.domainname = example.com
 +
 +# Uncomment the following to stop low-level messages on console
 +#kernel.printk = 3 4 1 3
 +
 +##############################################################3
 +# Functions previously found in netbase
 +#
 +
 +# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
 +# Turn on Source Address Verification in all interfaces to
 +# prevent some spoofing attacks
 +#net.ipv4.conf.default.rp_filter=1
 +#net.ipv4.conf.all.rp_filter=1
 +
 +# Uncomment the next line to enable TCP/IP SYN cookies
 +# See http://lwn.net/Articles/277146/
 +# Note: This may impact IPv6 TCP sessions too
 +#net.ipv4.tcp_syncookies=1
 +
 +# Uncomment the next line to enable packet forwarding for IPv4
 +net.ipv4.ip_forward=1
 +
 +# Uncomment the next line to enable packet forwarding for IPv6
 +#  Enabling this option disables Stateless Address Autoconfiguration
 +#  based on Router Advertisements for this host
 +#net.ipv6.conf.all.forwarding=1
 +
 +
 +###################################################################
 +# Additional settings - these settings can improve the network
 +# security of the host and prevent against some network attacks
 +# including spoofing attacks and man in the middle attacks through
 +# redirection. Some network environments, however, require that these
 +# settings are disabled so review and enable them as needed.
 +#
 +# Do not accept ICMP redirects (prevent MITM attacks)
 +#net.ipv4.conf.all.accept_redirects = 0
 +#net.ipv6.conf.all.accept_redirects = 0
 +# _or_
 +# Accept ICMP redirects only for gateways listed in our default
 +# gateway list (enabled by default)
 +# net.ipv4.conf.all.secure_redirects = 1
 +#
 +# Do not send ICMP redirects (we are not a router)
 +#net.ipv4.conf.all.send_redirects = 0
 +#
 +# Do not accept IP source route packets (we are not a router)
 +#net.ipv4.conf.all.accept_source_route = 0
 +#net.ipv6.conf.all.accept_source_route = 0
 +#
 +# Log Martian Packets
 +#net.ipv4.conf.all.log_martians = 1
 +#
 +
 +net.ipv6.conf.all.disable_ipv6 = 1
 +net.ipv6.conf.default.disable_ipv6 = 1
 +net.ipv6.conf.default.autoconf=0
 </sxh> </sxh>
  
Line 73: Line 155:
 \\ \\
 \\ \\
-[[os:set:index.html]]+[[os:linux:set:index.html]]


os/linux/set/kernel/etc_sysctl.conf.html.1515336646.txt.gz · Last modified: 2018/01/07 23:50 by kurihara