Installation guide
50 Chapter 2. The proc File System
• icmp_echo_ignore_all and icmp_echo_ignore_broadcasts — Allows the kernel to ignore
ICMP ECHO packets from every host or only those originating from broadcast and multicast ad-
dresses, respectively. A value of 0 allows the kernel to respond, while a value of 1 ignores the
packets.
• ip_default_ttl — Sets the default Time To Live (TTL), which limits the number of hops a packet
may make before reaching its destination. Increasing this value can diminish system performance.
• ip_forward — Permits interfaces on the system to forward packets to one other. By default, this
file is set to 0. Setting this file to 1 will enable network packet forwarding.
• ip_local_port_range — Specifies the range of ports to be used by TCP or UDP when a local
port is needed. The first number is the lowest port to be used, and the second number specifies the
highest port. Any systems that expect to require more ports than the default 1024 to 4999 should
use the 32768 to 61000 range in this file.
• tcp_syn_retries — Provides a limit on the number of times your system will re-transmit a SYN
packet when attempting to make a connection.
• tcp_retries1 — Sets the number of permitted re-transmissions attempting to answer an incom-
ing connection. Default of 3.
• tcp_retries2 — Sets the number of permitted re-transmissions of TCP packets. Default of 15.
The /usr/src/linux-2.4/Documentation/networking/ip-sysctl.txt file contains a com-
plete list of files and options available in the /proc/sys/net/ipv4/ directory.
A number of other directories exist within the /proc/sys/net/ipv4/ directory cover specific top-
ics. The conf directory allows each of the systems interfaces to be configured in different ways,
including the use of a default settings for unconfigured devices (in the default subdirectory) and
settings that override all special configurations (in the all subdirectory).
In order to control connections between direct neighbors, meaning any other system directly con-
nected to your system, the neigh directory allows special configurations for each interface. This
would allow you to treat systems differently that you trust more due to their relatively proximity to
your system. At the same time, it also makes it easy to put strict rules in place for systems several
hops away.
Routing over IPV4 also has its own directory, route. Unlike conf and neigh, the route directory
contains specifications that apply to routing with any interfaces on the system. Many of these settings,
such as max_size, max_delay, and min_delay, relate to controlling the size of the routing cache.
To clear the routing cache, simply write any value to the flush file.
Additional information about these directories and the possible values for their configuration files can
be found in /usr/src/linux-2.4/Documentation/filesystems/proc.txt.
2.3.9.5. /proc/sys/vm/
This directory facilitates the configuration of the Linux kernel’s virtual memory (VM) subsystem. The
kernel makes extensive and intelligent use of virtual memory, which is commonly called swap space.
The following files are commonly found in the /proc/sys/vm/ directory:
• bdflush — Sets various values related to the bdflush kernel daemon.
• buffermem — Allows you to control the percentage amount of total system memory to be used for
buffer memory. Typical output for this file looks like this:
2 10 60
The first and last values set the minimum and maximum percentage of memory to be used as buffer
memory, respectively. The middle value sets the percentage of system memory dedicated to buffer
memory where the memory management subsystem will begin to clear buffer cache more than other
kinds of memory to compensate for a general lack of free memory.