Chapter 2. The proc File System
threads-max: Sets the maximum number of threads to be used by the kernel, with a default value of 2048.

version: Displays the date and time the kernel was last compiled. The first field in this file, such as #3, relates to the number of times a kernel was built from the source base.

The random directory stores a number of values related to generating random numbers for the kernel.

2.3.9.4. /proc/sys/net/

This directory contains assorted directories concerning various networking topics. Various configurations at the time of kernel compilation make available different directories here, such as appletalk, ethernet, ipv4, ipx, and ipv6. Within these directories, you can adjust the assorted networking values for that configuration on a running system.

Given the wide variety of possible networking options available with Linux and the great amount of space required to discuss them, only the most common /proc/sys/net/ directories will be discussed.

The core directory contains a variety of settings that control the interaction between the kernel and networking layers. The most important files there are:

message_burst: The amount of time in tenths of a second required to write a new warning message. This is used to prevent Denial of Service (DoS) attacks. The default setting is 50.

message_cost: Also used to prevent DoS attacks by placing a cost on every warning message. The higher the value of this file (default of 5), the more likely the warning message will be ignored.

The idea of a DoS attack is to bombard your system with requests that generate errors and fill up disk partitions with log files or require all of your system's resources to handle the error logging. The settings in message_burst and message_cost are designed to be modified based on your system's acceptable risk versus the need for comprehensive logging.

netdev_max_backlog: Sets the maximum number of packets allowed to queue when a particular interface receives packets faster than the kernel can process them. The default value for this file is 300.

optmem_max: Configures the maximum ancillary buffer size allowed per socket.

rmem_default: Sets the receive socket buffer's default size in bytes.

rmem_max: Sets the receive socket buffer's maximum size in bytes.

wmem_default: Sets the send socket buffer's default size in bytes.

wmem_max: Sets the send socket buffer's maximum size in bytes.

The /ipv4 directory contains additional networking settings. Many of these settings, used in conjunction with one another, are very useful in preventing attacks on the system or using the system to act as a router.

Caution: An erroneous change to these files may affect your remote connectivity to the system.

Here are some of the most important files in the /proc/sys/net/ipv4/ directory:

icmp_destunreach_rate, icmp_echoreply_rate, icmp_paramprob_rate and icmp_timeexceed_rate: Set the maximum ICMP send packet rate, in hundredths of a second, to hosts under certain conditions. A setting of 0 removes any delay and is not a good idea.
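
An added example, not part of the original guide: a shell check that compares the core files against the defaults quoted above and warns when any of the ICMP rate files is set to 0. The function name audit_net_sysctl, the output labels and the sample tree are assumptions made for illustration; files that do not exist on the running kernel are reported as SKIP.

```shell
#!/bin/sh
# Added example: audit the /proc/sys/net/ files described above.
# Defaults as stated in the text (paths relative to the net/ directory).
DOC_DEFAULTS="core/message_burst=50 core/message_cost=5 core/netdev_max_backlog=300"
# ICMP rate files named in the text; a value of 0 removes any delay.
ICMP_RATE_FILES="icmp_destunreach_rate icmp_echoreply_rate icmp_paramprob_rate icmp_timeexceed_rate"

# read_value PATH: print the file's value with whitespace stripped.
read_value() { tr -d ' \t\n' < "$1"; }

# audit_net_sysctl [ROOT]: ROOT defaults to /proc/sys/net (hypothetical helper).
# Returns non-zero if any ICMP rate file is set to 0.
audit_net_sysctl() {
    root=${1:-/proc/sys/net}
    findings=0
    for entry in $DOC_DEFAULTS; do
        file=${entry%%=*}; want=${entry#*=}
        if [ ! -r "$root/$file" ]; then
            echo "SKIP $file (not present)"; continue
        fi
        have=$(read_value "$root/$file")
        if [ "$have" = "$want" ]; then
            echo "OK   $file = $have"
        else
            echo "DIFF $file = $have (documented default $want)"
        fi
    done
    for name in $ICMP_RATE_FILES; do
        if [ ! -r "$root/ipv4/$name" ]; then
            echo "SKIP ipv4/$name (not present)"; continue
        fi
        have=$(read_value "$root/ipv4/$name")
        if [ "$have" = "0" ]; then
            echo "WARN ipv4/$name = 0 (no delay between ICMP packets)"
            findings=$((findings + 1))
        else
            echo "OK   ipv4/$name = $have"
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample tree so the example runs offline.
demo=$(mktemp -d)
mkdir -p "$demo/core" "$demo/ipv4"
echo 50 > "$demo/core/message_burst"
echo 1 > "$demo/core/message_cost"
echo 0 > "$demo/ipv4/icmp_echoreply_rate"
audit_net_sysctl "$demo" || echo "findings: review the WARN lines"
rm -rf "$demo"
```

Calling audit_net_sysctl with no argument reads the live /proc/sys/net/ tree; a DIFF line is informational, since the text notes these values are meant to be tuned to the system's acceptable risk.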