/ Personal Computer World 2009 February / PCWFEB09.iso / Software / Linux / Kubuntu 8.10 / kubuntu-8.10-desktop-i386.iso / casper / filesystem.squashfs / etc / ufw / sysctl.conf < prev    next >
Text File  |  2008-10-08  |  2KB  |  48 lines

  1. #
  2. # Configuration file for setting network variables. Please note these settings
  3. # override /etc/sysctl.conf. If you prefer to use /etc/sysctl.conf, please
  4. # adjust IPT_SYSCTL in /etc/default/ufw.
  5. #
  6.  
  7. # Uncomment these to allow this host to route packets between interfaces
  8. #net/ipv4/ip_forward=1
  9. #net/ipv6/conf/default/forwarding=1
  10.  
  11. # Turn on Source Address Verification (reverse path filtering) on all
  12. # interfaces to prevent some spoofing attacks
  13. net/ipv4/conf/all/rp_filter=1
  14. net/ipv4/conf/default/rp_filter=1
  15.  
  16. # Do not accept IP source route packets (we are not a router)
  17. net/ipv4/conf/all/accept_source_route=0
  18. net/ipv4/conf/default/accept_source_route=0
  19. net/ipv6/conf/all/accept_source_route=0
  20. net/ipv6/conf/default/accept_source_route=0
  21.  
  22. # Do not accept ICMP redirects (prevent MITM attacks)
  23. net/ipv4/conf/all/accept_redirects=0
  24. net/ipv4/conf/default/accept_redirects=0
  25. net/ipv6/conf/all/accept_redirects=0
  26. net/ipv6/conf/default/accept_redirects=0
  27.  
  28. # Ignore bogus ICMP errors and broadcast echo requests; still answer unicast pings
  29. net/ipv4/icmp_echo_ignore_broadcasts=1
  30. net/ipv4/icmp_ignore_bogus_error_responses=1
  31. net/ipv4/icmp_echo_ignore_all=0
  32.  
  33. # Don't log Martian Packets (packets with impossible source addresses); set to 1 to log them
  34. net/ipv4/conf/all/log_martians=0
  35. net/ipv4/conf/default/log_martians=0
  36.  
  37. # Change to '1' to enable TCP/IP SYN cookies (SYN flood mitigation; off by default here).
  38. # Enabling them disables TCP Window Scaling (http://lkml.org/lkml/2008/2/5/167)
  39. net/ipv4/tcp_syncookies=0
  40.  
  41. #net/ipv4/tcp_fin_timeout=30
  42. #net/ipv4/tcp_keepalive_intvl=1800
  43.  
  44. # Allowing tcp_sack is normally OK, but if traffic goes through a pf firewall on
  45. # OpenBSD 3.8 RELEASE or earlier, set this to 0
  46. net/ipv4/tcp_sack=1
  47.  
  48.