diff options
author | Bertrand Jacquin <bertrand@jacquin.bzh> | 2019-11-28 22:47:11 +0000 |
---|---|---|
committer | Bertrand Jacquin <bertrand@jacquin.bzh> | 2019-11-28 22:47:11 +0000 |
commit | 31a3bdf53066a9818a8426cb671c345882684a35 (patch) | |
tree | 241dd0bfe6ea7d1add22dccc69de5997a9a4a4e4 | |
parent | net-p2p/xmr-stak-rx: add net-p2p/xmr-stak-rx (diff) | |
download | portage-31a3bdf53066a9818a8426cb671c345882684a35.tar.xz |
factory-default: add sysctl to limit ICMP packets rate
-rw-r--r-- | factory-default/sys-apps/baselayout/etc/sysctl.conf | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/factory-default/sys-apps/baselayout/etc/sysctl.conf b/factory-default/sys-apps/baselayout/etc/sysctl.conf index f2e5bd0d..21a5fabf 100644 --- a/factory-default/sys-apps/baselayout/etc/sysctl.conf +++ b/factory-default/sys-apps/baselayout/etc/sysctl.conf @@ -151,6 +151,10 @@ net.ipv4.icmp_echo_ignore_broadcasts = 1 # Ignore bogus responses to broadcast net.ipv4.icmp_ignore_bogus_error_responses = 1 +# Rate limit ICMP packets to 4 per second +net.ipv4.icmp_ratemask = 0xFFFF +net.ipv4.icmp_ratelimit = 25 + # Enable SYN cookies net.ipv4.tcp_syncookies = 1 |