factory-default/sys-apps/baselayout: add ipv6 icmp ratelimit

author: Bertrand Jacquin <bertrand@jacquin.bzh> 2023-09-12 00:05:21 +0100
committer: Bertrand Jacquin <bertrand@jacquin.bzh> 2023-09-12 00:06:08 +0100
commit: a6afa3068f3dbab114c6bbee7e6b485f6a80bce4 (patch)
tree: 5c687ed791d7a522415dd10ad65c3c2019a26d5d /factory-default
parent: factory-default/sys-apps/baselayout: Ignore ICMP multicast/broadcast for ipv6 (diff)
download: portage-a6afa3068f3dbab114c6bbee7e6b485f6a80bce4.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/factory-default/sys-apps/baselayout/etc/sysctl.conf b/factory-default/sys-apps/baselayout/etc/sysctl.conf
index 6ecec665..40d8fa2a 100644
--- a/factory-default/sys-apps/baselayout/etc/sysctl.conf
+++ b/factory-default/sys-apps/baselayout/etc/sysctl.conf
@@ -178,7 +178,9 @@ net.ipv4.icmp_ignore_bogus_error_responses = 1
 
 # Rate limit ICMP packets to 4 per second
 net.ipv4.icmp_ratemask = 0xFFFF
+net.ipv6.icmp.ratemask = 0-255
 net.ipv4.icmp_ratelimit = 25
+net.ipv6.icmp.ratelimit = 25
 
 # Enable SYN cookies
 net.ipv4.tcp_syncookies = 1
author	Bertrand Jacquin <bertrand@jacquin.bzh>	2023-09-12 00:05:21 +0100
committer	Bertrand Jacquin <bertrand@jacquin.bzh>	2023-09-12 00:06:08 +0100
commit	a6afa3068f3dbab114c6bbee7e6b485f6a80bce4 (patch)
tree	5c687ed791d7a522415dd10ad65c3c2019a26d5d /factory-default
parent	factory-default/sys-apps/baselayout: Ignore ICMP multicast/broadcast for ipv6 (diff)
download	portage-a6afa3068f3dbab114c6bbee7e6b485f6a80bce4.tar.xz