Differences

This shows you the differences between two versions of the page.

--- gnu_linux_server:network_configuration:firewall [2012/01/28 20:21] – guillaume
+++ gnu_linux_server:network_configuration:firewall [2021/01/04 20:41] (current) – external edit 127.0.0.1
@@ Line 158: / Line 158: @@
     iptables -A SPOOFED -s 192.168.0.0/16 -j DROP
     iptables -A SPOOFED -s 10.0.0.0/8     -j DROP
+    end_debug $?
+}
+misc_config() {
+    print_debug "Misc configurations"
+    echo 1 > /proc/sys/net/ipv4/tcp_syncookies
+    echo 0 > /proc/sys/net/ipv4/ip_forward
+    echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
+    echo 1 >/proc/sys/net/ipv4/conf/all/log_martians
+    echo 1 > /proc/sys/net/ipv4/ip_always_defrag
+    echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
+    echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
+    echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
+    echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
     end_debug $?
@@ Line 322: / Line 338: @@
     deny_spoofing
+    misc_config
     # Starting fail2ban again