sysctl.conf-diff

1. rber@yocto-vm-1:/work/rber/poky-bernard-5.0-build-bb$ diff /work/rber/poky-bernard-5.0-build-bb/tmp/work/beagleboard-poky-linux-gnueabi/poky-image-lsb-sdk-1.0-r0/rootfs/etc/sysctl.conf /work/rber/poky-bernard-5.0-build-bb/tmp/work/beagleboard-poky-linux-gnueabi/poky-image-lsb-sdk-1.0-r0/rootfs/etc/sysctl.conf-opkg
2. 0a1
3. > # This configuration file is taken from Debian.
4. 2c3,4
5. < # Configuration file for setting system variables in /proc
6. ---
7. > # /etc/sysctl.conf - Configuration file for setting system variables
8. > # See sysctl.conf (5) for information.
9. 6d7
10. < #net/ipv4/icmp_echo_ignore_broadcasts=1
11. 8c9
12. < # the following stops low-level messages on console
13. ---
14. > # Uncomment the following to stop low-level messages on console
15. 11,14d11
16. < # enable /proc/$pid/maps privacy so that memory relocations are not
17. < # visible to other users.
18. < #kernel.maps_protect = 1
19. <
20. 19,20c16,20
21. < # Uncomment the next line to enable Spoof protection (reverse-path filter)
22. < #net.ipv4.conf.default.rp_filter=1
23. ---
24. > # Uncomment the next two lines to enable Spoof protection (reverse-path filter)
25. > # Turn on Source Address Verification in all interfaces to
26. > # prevent some spoofing attacks
27. > net.ipv4.conf.default.rp_filter=1
28. > net.ipv4.conf.all.rp_filter=1
29. 26c26
30. < #net.ipv4.conf.default.forwarding=1
31. ---
32. > #net.ipv4.ip_forward=1
33. 29c29,64
34. < #net.ipv6.conf.default.forwarding=1
35. ---
36. > #net.ipv6.conf.all.forwarding=1
37. >
38. >
39. > ###################################################################
40. > # Additional settings - these settings can improve the network
41. > # security of the host and prevent against some network attacks
42. > # including spoofing attacks and man in the middle attacks through
43. > # redirection. Some network environments, however, require that these
44. > # settings are disabled so review and enable them as needed.
45. > #
46. > # Ignore ICMP broadcasts
47. > #net.ipv4.icmp_echo_ignore_broadcasts = 1
48. > #
49. > # Ignore bogus ICMP errors
50. > #net.ipv4.icmp_ignore_bogus_error_responses = 1
51. > #
52. > # Do not accept ICMP redirects (prevent MITM attacks)
53. > #net.ipv4.conf.all.accept_redirects = 0
54. > #net.ipv6.conf.all.accept_redirects = 0
55. > # _or_
56. > # Accept ICMP redirects only for gateways listed in our default
57. > # gateway list (enabled by default)
58. > # net.ipv4.conf.all.secure_redirects = 1
59. > #
60. > # Do not send ICMP redirects (we are not a router)
61. > #net.ipv4.conf.all.send_redirects = 0
62. > #
63. > # Do not accept IP source route packets (we are not a router)
64. > #net.ipv4.conf.all.accept_source_route = 0
65. > #net.ipv6.conf.all.accept_source_route = 0
66. > #
67. > # Log Martian Packets
68. > #net.ipv4.conf.all.log_martians = 1
69. > #
70. >
71. > #kernel.shmmax = 141762560