sysctl is used to modify kernel parameters at runtime. The parameters available are those listed under /proc/sys/. Procfs is required for sysctl support in Linux. You can use sysctl to both read and write sysctl data.
/etc/sysctl.conf is the typical file, in which you can make the below modifications.
# Controls IP packet forwarding net.ipv4.ip_forward = 0 # Ignore all ICMP ECHO and TIMESTAMP requests sent to it via broadcast/multicast net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_echo_ignore_all = 1 # Prevent against the common 'syn flood attack' net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_syn_retries = 3 net.ipv4.tcp_synack_retries = 3 net.ipv4.tcp_max_syn_backlog = 5120 net.ipv4.netfilter.ip_conntrack_max = 196608 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv=45 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.all.rp_filter = 1 # Accept Redirects? No, this is not router net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.secure_redirects = 0
To load settings, enter:
$ sudo sysctl -p
