As a ubuntu server, I made some change to sysctl setting. In order to help firewall and iptables setting. In some cases, sysctl.conf can be helpful to prevent an attact from any hacker.
This is the sysctl.conf configuration that I used.
<div style=”color:blue;”>net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_source_route = 0</div>
Take a note to net.ipv4.icmp_echo_ignore_all=1 that one of the setting. While net.ip4.ip_forwarding is to indicate that the internet line in the server is forwarding.
This is just a small knowledge I learnt.
Leave a Reply