Suggestion for some network parameter defaults

Troels Arvin troels at arvin.dk
Mon Nov 29 11:51:22 UTC 2004


On Mon, 29 Nov 2004 12:40:14 +0100, Ralf Ertzinger wrote:

> net.ipv4.conf.all.rp_filter                (current: 0, proposed: 1)

1 is already the default in /etc/sysctl.conf although it's set as
net.ipv4.conf.default.rp_filter which should be the right way, as far as I
know. sysctl.conf is part of the "initscripts" package.

> net.ipv4.conf.all.accept_redirects         (current: 1, proposed: 0)

I don't have an opinon on this one, so for me, it's OK to use the kernel's
default value.

> net.ipv4.icmp_echo_ignore_broadcasts       (current: 0, proposed: 1)

I actually find it useful that ping broadcasts are allowed, to be able to
quickly see which hosts are up.

> net.ipv4.icmp_ignore_bogus_error_responses (current: 0, proposed: 1)

No opinion.

-- 
Greetings from Troels Arvin, Copenhagen, Denmark





More information about the fedora-devel-list mailing list