Tuning sysctl.conf file on Ubuntu

sysctl is used to modify kernel parameters at runtime. The parameters available are those listed under /proc/sys/. Procfs is required for sysctl support in Linux. You can use sysctl to both read and write sysctl data.

/etc/sysctl.conf is the usual file for persistent settings; you can make the modifications below in it.

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Ignore ICMP ECHO and TIMESTAMP requests sent via broadcast/multicast
net.ipv4.icmp_echo_ignore_broadcasts = 1
# Ignore all ICMP ECHO requests (the host stops answering ping)
net.ipv4.icmp_echo_ignore_all = 1

# Protect against the common 'SYN flood' attack
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_max_syn_backlog = 5120

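# Connection tracking table size and SYN_RECV timeout.
# These are the legacy ip_conntrack key names; kernels that use nf_conntrack
# expose them as net.netfilter.nf_conntrack_max and
# net.netfilter.nf_conntrack_tcp_timeout_syn_recv.
net.ipv4.netfilter.ip_conntrack_max = 196608
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 45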

# Enable source address verification (reverse-path filtering)
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1

# Accept redirects? No, this is not a router
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0

To load the settings from /etc/sysctl.conf, enter:
$ sudo sysctl -p
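
To confirm that the loaded values match the file, the following added example (not part of the original page) compares each key in a sysctl.conf-style file with the value exposed under /proc/sys. The function name sysctl_audit and its optional second argument, an alternate root directory used for the offline demo, are assumptions of this example.

```shell
# Added example (not from the original page): compare a sysctl.conf-style
# file with the values currently exposed under /proc/sys.
# sysctl_audit and its optional second argument (an alternate root, used
# here for an offline demo) are names assumed for this example.
sysctl_audit() (
    conf=$1
    root=${2:-/proc/sys}
    rc=0
    set -f    # no globbing while word-splitting values
    while IFS='=' read -r key want || [ -n "$key" ]; do
        set -- $key; key=${1:-}            # trim whitespace around the key
        case $key in ''|'#'*|';'*) continue ;; esac
        set -- $want; want=$*              # normalise whitespace in the value
        # Keys map to paths by swapping dots for slashes
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            echo "MISSING $key (module not loaded or key renamed?)"
            rc=1; continue
        fi
        set -- $(cat "$path"); have=$*
        if [ "$have" = "$want" ]; then
            echo "OK      $key = $have"
        else
            echo "DRIFT   $key = $have (expected $want)"
            rc=1
        fi
    done < "$conf"
    exit "$rc"
)

# Constructed demo: a throwaway tree standing in for /proc/sys.
demo=$(mktemp -d)
mkdir -p "$demo/proc/net/ipv4"
echo 1 > "$demo/proc/net/ipv4/ip_forward"
echo 1 > "$demo/proc/net/ipv4/tcp_syncookies"
cat > "$demo/sysctl.conf" <<'EOF'
# constructed sample using keys from this page
net.ipv4.ip_forward = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.netfilter.ip_conntrack_max = 196608
EOF
sysctl_audit "$demo/sysctl.conf" "$demo/proc" || echo "audit found differences"
rm -rf "$demo"
```

On a live host, run `sysctl_audit /etc/sysctl.conf` after `sudo sysctl -p`; a MISSING line for the conntrack keys means the kernel does not expose them under that name.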