1 files changed, 64 insertions, 0 deletions
diff --git a/meta/recipes-extended/procps/procps-3.2.8/sysctl.conf b/meta/recipes-extended/procps/procps-3.2.8/sysctl.conf
new file mode 100644
index 0000000000..34e7488bf7
--- /dev/null
+++ b/meta/recipes-extended/procps/procps-3.2.8/sysctl.conf
@@ -0,0 +1,64 @@
+# This configuration file is taken from Debian.
+#
+# /etc/sysctl.conf - Configuration file for setting system variables
+# See sysctl.conf (5) for information.
+#
+#kernel.domainname = example.com
+# Uncomment the following to stop low-level messages on console
+#kernel.printk = 4 4 1 7
+##############################################################3
+# Functions previously found in netbase
+#
+# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
+# Turn on Source Address Verification in all interfaces to
+# prevent some spoofing attacks
+net.ipv4.conf.default.rp_filter=1
+net.ipv4.conf.all.rp_filter=1
+# Uncomment the next line to enable TCP/IP SYN cookies
+#net.ipv4.tcp_syncookies=1
+# Uncomment the next line to enable packet forwarding for IPv4
+#net.ipv4.ip_forward=1
+# Uncomment the next line to enable packet forwarding for IPv6
+#net.ipv6.conf.all.forwarding=1
+###################################################################
+# Additional settings - these settings can improve the network
+# security of the host and prevent against some network attacks
+# including spoofing attacks and man in the middle attacks through
+# redirection. Some network environments, however, require that these
+# settings are disabled so review and enable them as needed.
+#
+# Ignore ICMP broadcasts
+#net.ipv4.icmp_echo_ignore_broadcasts = 1
+#
+# Ignore bogus ICMP errors
+#net.ipv4.icmp_ignore_bogus_error_responses = 1
+#
+# Do not accept ICMP redirects (prevent MITM attacks)
+#net.ipv4.conf.all.accept_redirects = 0
+#net.ipv6.conf.all.accept_redirects = 0
+# _or_
+# Accept ICMP redirects only for gateways listed in our default
+# gateway list (enabled by default)
+# net.ipv4.conf.all.secure_redirects = 1
+#
+# Do not send ICMP redirects (we are not a router)
+#net.ipv4.conf.all.send_redirects = 0
+#
+# Do not accept IP source route packets (we are not a router)
+#net.ipv4.conf.all.accept_source_route = 0
+#net.ipv6.conf.all.accept_source_route = 0
+#
+# Log Martian Packets
+#net.ipv4.conf.all.log_martians = 1
+#
+#kernel.shmmax = 141762560

diff --git a/meta/recipes-extended/procps/procps-3.2.8/sysctl.conf b/meta/recipes-extended/procps/procps-3.2.8/sysctl.conf new file mode 100644 index 0000000000..34e7488bf7 --- /dev/null +++ b/meta/recipes-extended/procps/procps-3.2.8/sysctl.conf
@@ -0,0 +1,64 @@
	1	# This configuration file is taken from Debian.
	2	#
	3	# /etc/sysctl.conf - Configuration file for setting system variables
	4	# See sysctl.conf (5) for information.
	5	#
	6
	7	#kernel.domainname = example.com
	8
	9	# Uncomment the following to stop low-level messages on console
	10	#kernel.printk = 4 4 1 7
	11
	12	##############################################################3
	13	# Functions previously found in netbase
	14	#
	15
	16	# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
	17	# Turn on Source Address Verification in all interfaces to
	18	# prevent some spoofing attacks
	19	net.ipv4.conf.default.rp_filter=1
	20	net.ipv4.conf.all.rp_filter=1
	21
	22	# Uncomment the next line to enable TCP/IP SYN cookies
	23	#net.ipv4.tcp_syncookies=1
	24
	25	# Uncomment the next line to enable packet forwarding for IPv4
	26	#net.ipv4.ip_forward=1
	27
	28	# Uncomment the next line to enable packet forwarding for IPv6
	29	#net.ipv6.conf.all.forwarding=1
	30
	31
	32	###################################################################
	33	# Additional settings - these settings can improve the network
	34	# security of the host and prevent against some network attacks
	35	# including spoofing attacks and man in the middle attacks through
	36	# redirection. Some network environments, however, require that these
	37	# settings are disabled so review and enable them as needed.
	38	#
	39	# Ignore ICMP broadcasts
	40	#net.ipv4.icmp_echo_ignore_broadcasts = 1
	41	#
	42	# Ignore bogus ICMP errors
	43	#net.ipv4.icmp_ignore_bogus_error_responses = 1
	44	#
	45	# Do not accept ICMP redirects (prevent MITM attacks)
	46	#net.ipv4.conf.all.accept_redirects = 0
	47	#net.ipv6.conf.all.accept_redirects = 0
	48	# _or_
	49	# Accept ICMP redirects only for gateways listed in our default
	50	# gateway list (enabled by default)
	51	# net.ipv4.conf.all.secure_redirects = 1
	52	#
	53	# Do not send ICMP redirects (we are not a router)
	54	#net.ipv4.conf.all.send_redirects = 0
	55	#
	56	# Do not accept IP source route packets (we are not a router)
	57	#net.ipv4.conf.all.accept_source_route = 0
	58	#net.ipv6.conf.all.accept_source_route = 0
	59	#
	60	# Log Martian Packets
	61	#net.ipv4.conf.all.log_martians = 1
	62	#
	63
	64	#kernel.shmmax = 141762560