diff options
Diffstat (limited to 'sysconf/vyatta-sysctl.conf')
| -rw-r--r-- | sysconf/vyatta-sysctl.conf | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/sysconf/vyatta-sysctl.conf b/sysconf/vyatta-sysctl.conf index 736a7965..f1265e3b 100644 --- a/sysconf/vyatta-sysctl.conf +++ b/sysconf/vyatta-sysctl.conf @@ -30,3 +30,27 @@ net.ipv4.icmp_errors_use_inbound_ifaddr=1 # Enable packet forwarding for IPv6 net.ipv6.conf.all.forwarding=1 + +# Log packets with impossible addresses to kernel log +net.ipv4.conf.all.log_martians=1 + +# Do not ignore all ICMP ECHO requests by default +net.ipv4.icmp_echo_ignore_all=0 + +# Disable source validation by default +net.ipv4.conf.all.rp_filter=0 + +# Enable tcp syn-cookies by default +net.ipv4.tcp_syncookies=1 + +# Disable accept_redirects for all +net.ipv4.conf.all.accept_redirects=0 + +# Disable accept_redirects by default for any interface +net.ipv4.conf.default.accept_redirects=0 + +# Disable accept_source_route by default +net.ipv4.conf.all.accept_source_route=0 + +# Enable send_redirects by default +net.ipv4.conf.all.send_redirects=1 |