# /etc/sysctl.conf - Configuration file for setting system variables
# See sysctl.conf (5) for information.

# you can have the CD-ROM close when you use it, and open
# when you are done.
#dev.cdrom.autoeject = 1
#dev.cdrom.autoclose = 1

# protection from the SYN flood attack
net/ipv4/tcp_syncookies=1

# see the evil packets in your log files
net/ipv4/conf/all/log_martians=1

# makes you vulnerable or not :-)
net/ipv4/conf/all/accept_redirects=0
net/ipv4/conf/all/accept_source_route=0
net/ipv4/icmp_echo_ignore_broadcasts =1

# needed for routing, including masquerading or NAT
#net/ipv4/ip_forward=1

# sets the port range used for outgoing connections
#net.ipv4.ip_local_port_range = 32768    61000

# Broken routers and obsolete firewalls will corrupt the window scaling
# and ECN. Set these values to 0 to disable window scaling and ECN.
# This may, rarely, cause some performance loss when running high-speed
# TCP/IP over huge distances or running TCP/IP over connections with high
# packet loss and modern routers. This sure beats dropped connections.
#net.ipv4.tcp_ecn = 0

# Swapping too much or not enough? Disks spinning up when you'd
# rather they didn't? Tweak these.
#vm.vfs_cache_pressure = 100
#vm.laptop_mode = 0
#vm.swappiness = 60

#kernel.printk_ratelimit_burst = 10
#kernel.printk_ratelimit = 5
#kernel.panic_on_oops = 0

# Reboot 600 seconds after a panic
#kernel.panic = 600

# enable SysRq key (note: console security issues)
#kernel.sysrq = 1

# Change name of core file to start with the command name
# so you get things like: emacs.core mozilla-bin.core X.core
#kernel.core_pattern = %e.core

# NIS/YP domain (not always equal to DNS domain)
#kernel.domainname = example.com
#kernel.hostname = darkstar

# This limits PID values to 4 digits, which allows tools like ps
# to save screen space.
kernel/pid_max=10000

# Protects against creating or following links under certain conditions
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks = 1
#fs.protected_symlinks = 1