Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # ----- My sysctl.conf ----- #
- # ... Processus/User ...
- security.bsd.see_other_uids=0
- # ... Optimize TCP/IP
- net.inet.ip.random_id=1
- net.inet.tcp.sendspace=33137
- net.inet.tcp.recvspace=33137
- net.inet.ip.ttl=99
- # ... secure tcp ...
- net.inet.tcp.drop_synfin=1
- net.inet.tcp.sack.enable=0
- net.inet.tcp.rfc1323=0
- # ... No response on error packet ...
- net.inet.tcp.blackhole=2
- net.inet.udp.blackhole=1
- # ... See connect on no listen socket ...
- net.inet.tcp.log_in_vain=1
- net.inet.udp.log_in_vain=1
- # ... Protect DDoS ...
- net.inet.icmp.maskrepl=0
- net.inet.icmp.bmcastecho=0
- net.inet.icmp.icmplim=300
- kern.ipc.somaxconn=4096
- kern.ipc.maxsockets=16424
- net.inet.tcp.always_keepalive=1
- # ... Protect DDoS system ...
- kern.maxprocperuid=128
- #kern.maxfiles=65536
- # ... Fix Bind File Descriptor ...
- kern.maxfilesperproc=4096
- # ... Anti ARP poison ...
- net.inet.ip.rtexpire=60
- net.inet.ip.rtminexpire=10
Add Comment
Please, Sign In to add comment