The kernel tunable parameters
[root@deep /]# /etc/rc.d/init.d/network restart
Setting network parameters [ OK ]
Bringing up interface lo [ OK ]
Bringing up interface ethO [ OK ]
Bringing up interface eth1 [ OK ]
NOTE: Make a note that the above command for Red Hat Linux 6.1 or 6.2 will disable Redirect Acceptance Packets on all your interfaces (lo, ethN, pppN etc).
Enable always-defragging Protection
This protection must be enabled if you use your Linux server as a gateway to masquerade internal traffic to the Internet (IP Masquerading).
Under Red Hat Linux 6.1
[root@deep /]# echo 1 > /proc/sys/net/ipv4/ip_always_defrag
Add the above commands to the 7etc/rc.d/rc.local” script file and you’ll not have to type it again the next time you reboot your system.
Under Red Hat Linux 6.2
Edit the 7etc/sysctl.conf” file and add the following line:
# Enable always defragging Protection net.ipv4.ip_always_defrag = 1
You must restart your network for the change to take effect. The command to restart the network is the following:
• To restart all network devices manually on your system, use the following command: [root@deep /]# /etc/rc.d/init.d/network restart
Setting network parameters [ OK ]
Bringing up interface lo [ OK ]
Bringing up interface ethO [ OK ]
Bringing up interface eth1 [ OK ]
Enable bad error message Protection
This option will alert you to all bad error messages in your network.
Under Red Hat Linux 6.1
[root@deep /]# echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
Add the above commands to the 7etc/rc.d/rc.local” script file and you’ll not have to type it again the next time you reboot your system.
Under Red Hat Linux 6.2
Edit the 7etc/sysctl.conf file and add the following line:
# Enable bad error message Protection net.ipv4.icmp_ignore_bogus_error_responses = 1
You must restart your network for the change to take effect. The command to restart the network is the following: