Hi.
I have been using the following changes to some network parameters on all
of my machines for a long time, and I was wondering whether they ought to
be set by default.
net.ipv4.conf.all.rp_filter (current: 0, proposed: 1)
net.ipv4.conf.all.accept_redirects (current: 1, proposed: 0)
net.ipv4.icmp_echo_ignore_broadcasts (current: 0, proposed: 1)
net.ipv4.icmp_ignore_bogus_error_responses (current: 0, proposed: 1)
While I admit that the current values can serve a certain use in some
situations, I think that in the majority of configurations the proposed
values are more sensible.
--
"Carpe dentem! Seize the teeth!" -- Mrs Doubtfire