factory-default: Define accept_local sysctl

author: Bertrand Jacquin <bertrand@jacquin.bzh> 2019-11-25 00:02:40 +0000
committer: Bertrand Jacquin <bertrand@jacquin.bzh> 2019-11-27 22:58:58 +0000
commit: eeaf1a83a0542acf6b86362db18772def8d2d743 (patch)
tree: 638d6d68236b94d4fb1fded683219a24368d1b24
parent: profiles/server: Disable threads for www-servers/apache (diff)
download: portage-eeaf1a83a0542acf6b86362db18772def8d2d743.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/factory-default/sys-apps/baselayout/etc/sysctl.conf b/factory-default/sys-apps/baselayout/etc/sysctl.conf
index 7a328896..b73624d8 100644
--- a/factory-default/sys-apps/baselayout/etc/sysctl.conf
+++ b/factory-default/sys-apps/baselayout/etc/sysctl.conf
@@ -133,6 +133,10 @@ net.ipv6.conf.default.accept_source_route = 0
 net.ipv4.conf.all.rp_filter = 1
 net.ipv4.conf.default.rp_filter = 1
 
+# Deny packets with local source addresses
+net.ipv4.conf.all.accept_local = 0
+net.ipv4.conf.default.accept_local = 0
+
 # Log bad packet
 net.ipv4.conf.all.log_martians = 1
 net.ipv4.conf.default.log_martians = 1
author	Bertrand Jacquin <bertrand@jacquin.bzh>	2019-11-25 00:02:40 +0000
committer	Bertrand Jacquin <bertrand@jacquin.bzh>	2019-11-27 22:58:58 +0000
commit	eeaf1a83a0542acf6b86362db18772def8d2d743 (patch)
tree	638d6d68236b94d4fb1fded683219a24368d1b24
parent	profiles/server: Disable threads for www-servers/apache (diff)
download	portage-eeaf1a83a0542acf6b86362db18772def8d2d743.tar.xz