修改某些参数，提高系统性能

jellynian · jellynian · commit 7bafd0db080c · 2017-06-12T13:14:11.000+08:00
diff --git a/kernel_tuning_centos.sh b/kernel_tuning_centos.sh
@@ -61,6 +61,8 @@ echo "0" > /proc/sys/net/ipv4/conf/default/secure_redirects
 echo "1" > /proc/sys/net/ipv4/conf/all/log_martians
 # Protect from ICMP attacks 
 echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
+
+echo "1" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
 # Enable RFC-recommended source validation (should not be used on machines which are routers for very complicated networks)
 echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter
 echo "1" > /proc/sys/net/ipv4/conf/default/rp_filter
@@ -83,3 +85,5 @@ echo "20" > /proc/sys/vm/dirty_background_ratio
 #
 echo "25" > /proc/sys/vm/dirty_ratio
 
+
+echo "0" > /proc/sys/net/ipv4/conf/all/rp_filter
diff --git a/kernel_tuning_ubuntu.sh b/kernel_tuning_ubuntu.sh
@@ -1,5 +1,4 @@
 #!/bin/bash
-kernel_tuning() {
 echo '
 # Syncookies make SYN flood attacks ineffective
 net.ipv4.tcp_syncookies = 1
@@ -69,6 +68,4 @@ root hard nofile 256000
 grep  "session required pam_limits.so" /etc/pam.d/common-session >/dev/null || {
 	echo 'session required pam_limits.so' >> /etc/pam.d/common-session
 }
-}
 
-kernel_tuning;
