As a ubuntu server, I made some change to sysctl setting. In order to help firewall and iptables setting. In some cases, sysctl.conf can be helpful to prevent an attact from any hacker.

This is the sysctl.conf configuration that I used.

<div style=”color:blue;”>net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_source_route = 0</div>

Take a note to net.ipv4.icmp_echo_ignore_all=1 that one of the setting. While net.ip4.ip_forwarding is to indicate that the internet line in the server is forwarding.

This is just a small knowledge I learnt.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.