Jump to navigation Jump to search
IP Settings allows to configure several IP related kernel parameters.
|accept-redirects (yes | no; Default: no)||Whether to accept ICMP redirect messages. Typically should be enabled on host and disabled on routers.|
|accept-source-route (yes | no; Default: no)||Whether to accept packets with SRR option. Typically should be enabled on router.|
|allow-fast-path (yes | no; Default: yes)||Allows fast path|
|arp-timeout (time interval; Default: 30s)||ARP timeout on all interfaces that use ARP. Can use postfix ms, s, m, h, d for milliseconds, seconds, minutes, hours or days. if no postfix is set then seconds (s) is used.|
|icmp-rate-limit (integer [0..4294967295]; Default: 10)|
|icmp-rate-mask ([0..FFFFFFFF]; Default: 0x1818)|
|ip-forwarding (yes | no; Default: yes)||Emable/disable packet forwarding between interfaces. Resets all configuration parameters to defaults according to RFC1812 for routers.|
|rp_filter (loose | no | strict; Default: no)||Disables enables source validation.
|secure-redirects (yes | no; Default: yes)||Accept ICMP redirect messages only for gateways, listed in default gateway list.|
|send-redirects (yes | no; Default: yes)||Whether to send ICMP redirects. Recommended to be enabled on routers.|
|tcp_syncookies (yes | no; Default: no)||Send out syncookies when the syn backlog queue of a socket overflows. This is to prevent against the common 'SYN flood attack'. syncookies seriously violate TCP protocol, do not allow o use TCP extensions, can result in serious degradation of some services (f.e. SMTP relaying), visible not by you, but your clients and relays, contacting you.|