On Mon, 29 Nov 2004 12:40:14 +0100, Ralf Ertzinger wrote: > net.ipv4.conf.all.rp_filter (current: 0, proposed: 1) 1 is already the default in /etc/sysctl.conf although it's set as net.ipv4.conf.default.rp_filter which should be the right way, as far as I know. sysctl.conf is part of the "initscripts" package. > net.ipv4.conf.all.accept_redirects (current: 1, proposed: 0) I don't have an opinon on this one, so for me, it's OK to use the kernel's default value. > net.ipv4.icmp_echo_ignore_broadcasts (current: 0, proposed: 1) I actually find it useful that ping broadcasts are allowed, to be able to quickly see which hosts are up. > net.ipv4.icmp_ignore_bogus_error_responses (current: 0, proposed: 1) No opinion. -- Greetings from Troels Arvin, Copenhagen, Denmark
