# # Kernel sysctl configuration file # # /etc/sysctl.conf - Configuration file for setting system variables # See sysctl(8) and sysctl.conf (5) for more details. # Enable IP packet forwarding between interfaces (act as a firewall, or router) #net.ipv4.ip_forward = 1 # Disable ICMP redirect messages net.ipv4.conf.all.accept_redirects = 0 # Do not accept source routing net.ipv4.conf.all.accept_source_route = 0 # Log packages that have source addresses with no known route ("martians") net.ipv4.conf.all.log_martians = 1 # Controls source route verification net.ipv4.conf.all.rp_filter = 1 # Enable ECN (Explicit Congestion Notification) in TCP connections net.ipv4.tcp_ecn = 2 # Enable syncookies to hosts when the kernels syn backlog queue is overflowed net.ipv4.tcp_syncookies = 1 # Ignore ICMP messages sent to broadcast or multicast addresses net.ipv4.icmp_echo_ignore_broadcasts = 1 # Do not log bogus responses to broadcast frames send by hosts that ignore RFC 1122 #net.ipv4.icmp_ignore_bogus_error_responses = 1 # Ensure TCP window scaling is enabled net.ipv4.tcp_window_scaling = 1 # Controls the System Request debugging functionality of the kernel # kernel.sysrq = 0 # Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1 # Increment default user inotify watches limit fs.inotify.max_user_watches=524288