Never been to TextSnippets before?

Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world (or not, you can keep them private!)

/etc/sysctl.conf (See related posts)

These are my settings for sysctl.conf
# Max number of incoming connections in queue
kern.ipc.somaxconn=512
# Maximum number of processes
kern.maxproc=2048
kern.maxprocperuid=1024
# Network buffers; 2K each; check current usage with `netstat -m`
kern.ipc.nmbclusters=2048
kern.ipc.maxsockets=2048
# Maximum segment size; other possible values are 1452 and 1460
net.inet.tcp.mssdflt=1440
# Window scaling is only necessary if buffers > 64K
net.inet.tcp.rfc1323=0
# Increase buffer sizes
kern.ipc.maxsockbuf=131070
net.inet.tcp.sendspace=32768
net.inet.tcp.recvspace=65535
net.inet.udp.recvspace=65535
net.inet.udp.maxdgram=57344
net.inet.raw.recvspace=65535
# Max number of ICMP "Unreachable" and also TCP RST packets per second
net.inet.icmp.icmplim=50
# Stop redirects
net.inet.icmp.drop_redirect=1
net.inet.icmp.log_redirect=1
net.inet.ip.redirect=0
# Stop source routing
net.inet.ip.sourceroute=0
net.inet.ip.accept_sourceroute=0
# Stop broadcast ECHO response
net.inet.icmp.bmcastecho=0
# Stop other broadcast probes
net.inet.icmp.maskrepl=0
# Cuts down on the number of tiny packets
net.inet.tcp.delayed_ack=1
# Turn off forwarding/routing
net.inet.ip.forwarding=0
# Defend against sequence number attacks
net.inet.tcp.strict_rfc1948=1
# Defend agains stealth simple port scans
net.inet.udp.blackhole=1
net.inet.tcp.blackhole=2
# Expire dead connections
net.inet.tcp.always_keepalive=1
net.inet.tcp.keepintvl: 1500
net.inet.tcp.keepinit: 3000
# Verbose firewall logging
net.inet.ip.fw.verbose=1
net.inet.ip.fw.verbose_limit=65535
# Prevent core dumps
kern.coredump=0

You need to create an account or log in to post comments to this site.


Related Posts