summaryrefslogtreecommitdiff
path: root/etc/sysctl.conf
AgeCommit message (Collapse)Author
2009-06-09By default, don't accept IPv4 ICMP redirects. This behaviour can beStuart Henderson
changed with a sysctl, so note it in sysctl.conf. v6 needs further testing following discussions on the tech mailing list; rainer@ points out possible interactions with neighbour discovery which need to be investigated first. "go ahead on the v4 part" deraadt@
2008-01-05Add commented out entries for watchdog timers. If you enable the watchdogMarc Balmer
timeout, either set auto retriggering or start watchdogd(8)... From Mitja Muzenic. ok deraadt.
2008-01-04Use consistent capitalization in comments. From mitja@muzenic.net.Marc Balmer
2007-07-25document multipath options.Pierre-Yves Ritschard
ok claudio@
2007-05-29put commented out entry for kern.nosuidcoredump=2 in, yes theo & teduHenning Brauer
2007-02-15add two carp(4) sysctl examples: net.inet.carp.preempt=1 andReyk Floeter
net.inet.carp.log=1. it is so common to enable carp preemption... yes! henning@, ok mpf@
2007-01-09add net.inet6.ip6.mforwarding which was forgotten when the variable was added.Jun-ichiro itojun Hagino
2006-01-28mention net.inet.ip.mforwarding.Brad Smith
ok beck@ kettenis@ norby@
2005-09-30correct comment;Jason McIntyre
ok deraadt@ brad@
2005-09-28Enable RFC3390 by default and remove a few compile time options whichBrad Smith
can be changed via sysctl's. ok markus@
2005-09-10kern.usercrypto is enabled by default, so commented out entry shouldJason McIntyre
show how to disable it; ok deraadt@
2005-07-19Fix grammar. From art@.Tom Cosgrove
2005-04-01show that net.inet.etherip.allow can be set here; pr 3972 ckuetheTheo de Raadt
2005-03-26encrypt swap by default. cheap, and why not. can be disabled by peopleTheo de Raadt
who have machines that hit swap a lot. decided after survey of developers, we found that most turned this on. ok various
2004-09-22it's net.inet.esp.udpencap and not net.inet.udpencap.enableHans-Joerg Hoexer
ok ho henning msf
2004-06-26Default enable udpencap. Add 'disable' sysctl to sysctl.conf. markus@ ok.Hakan Olsson
2004-02-25rfc3390 example; with deraadt@ help.Federico G. Schwindt
2003-08-24put emul sysctls in appropriate arch. also fix up the comments.Ted Unangst
problems noted by fgsch@ and deraadt@
2003-08-23commented out emulations. requested by deraadtTed Unangst
2002-05-31ecn is disabled by default, so show the option enabled.Federico G. Schwindt
deraadt@ ok.
2002-05-20blob for splassert.Artur Grabowski
suggested by deraadt@.
2002-05-16show net.inet.tcp.ecn optionTheo de Raadt
2002-02-23sysctl kern.usercryptoTheo de Raadt
2001-08-07enable ah & esp by default, now that we trust the code moreTheo de Raadt
2001-06-27IPSec->IPsec (jsyn@nthough.com)Angelos D. Keromytis
2001-06-10Since mtu discovery is enabled by default, change line to disable if it'sFederico G. Schwindt
uncommented; niels@ theo@ ok.
2000-10-23more verbose descriptionTheo de Raadt
2000-09-27Remove ipsec-aclAngelos D. Keromytis
2000-09-25mtu disc exampleTheo de Raadt
2000-06-14it's vm.swapencrypt.enable now.Niels Provos
2000-05-19nfsiod/nfs_client, bye byeMichael Shalayeff
add commented out entry into sysctl.conf for vfs.nfs.iothreads
2000-03-30Add a sample commented out net.inet.ip.ipsec-acl=0 entry.Angelos D. Keromytis
2000-01-02ipv6 autoconf on hosts (non-routers).Jun-ichiro itojun Hagino
to do this, 1. in sysctl.conf, add these lines: net.inet6.ip6.forwarding=0 net.inet6.ip6.accept_rtadv=1 2. in hostname.foo, add rtsol specifying two or more interfaces with "rtsol" may result in strange behavior - ipv6 spec does not permit multi-interface node to be autoconfig'ed.
1999-12-30insert #vm.swapencrypt=1Niels Provos
1999-12-16show ip6.forwardingTheo de Raadt
1999-05-30Bad commit (machdep.allowaperture), this already exists in etc.i386 --Angelos D. Keromytis
obviously a long day :-X
1999-05-30Add a commented out machdep.allowaperture=1 lineAngelos D. Keromytis
1999-04-11Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default.Niklas Hallqvist
If you are going to use either of AH or ESP or both, enable these in /etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now named net.inet.ip.encdebug. Some corrected function signatures too.
1998-05-05split sysctl.conf into MD and MI partsTheo de Raadt
1998-04-04default to console ddb offTheo de Raadt
1998-02-17i386 onlyTheo de Raadt
1998-02-17add machdep.allowapertureMatthieu Herrb
1998-02-16move fs.posix.setuid to sysctl.confTheo de Raadt
1998-02-14urghTheo de Raadt
1998-02-06moreTheo de Raadt
1998-02-05ddb sysctlTheo de Raadt
1998-02-05introduce /etc/sysctl.conf containing sysctl variables to change at boot timeTheo de Raadt