/sbin/sysctl -w net.inet.ip.forwarding=0
/sbin/sysctl -w net.inet.tcp.always_keepalive=1
/sbin/sysctl -w kern.ipc.somaxconn=1024
/sbin/sysctl -w net.inet.tcp.delayed_ack=0
/sbin/sysctl -w net.inet.ip.portrange.last=30000
/sbin/sysctl -w net.inet.tcp.sendspace=131072
/sbin/sysctl -w net.inet.tcp.recvspace=131072#/sbin/sysctl -w net.inet.tcp.rfc1644=1
#/sbin/sysctl -w net.inet.tcp.rfc1323=0
#/sbin/sysctl -w net.inet.icmp.drop_redirect=1
#/sbin/sysctl -w net.inet.icmp.log_redirect=1
#/sbin/sysctl -w net.inet.ip.redirect=0
#/sbin/sysctl -w net.inet6.ip6.redirect=0
/sbin/sysctl -w net.link.ether.inet.max_age=1200
/sbin/sysctl -w net.inet.ip.sourceroute=0
/sbin/sysctl -w net.inet.ip.accept_sourceroute=0
/sbin/sysctl -w net.inet.icmp.bmcastecho=0
/sbin/sysctl -w net.inet.icmp.maskrepl=0
URL:
Обсуждается: http://www.opennet.me/tips/info/277.shtml