It seems silly to keep this section of the article. It's information yes, but I doesn't appear to be useful anymore. May I delete it?
See the commit message for when this feature was added for the rationale.
fs.protected_hardlinks = 1 fs.protected_symlinks = 1
I can't imagine this being a very long article, but I do find it useful. I didn't have a clue what this command did until I came across it now. I recall it from my first time installing Arch, with regard to storing the volume levels in alsamixer. --Mustard 10:31, 22 October 2010 (EDT)
error: permission denied on key 'net.ipv4.conf.all.mc_forwarding' error: permission denied on key 'net.ipv4.conf.default.mc_forwarding'
Are these not used any-more?
- it's read only which might mean that it has to be changed while compiling the kernel, I'm not sure (it used to work), it is disabled by default anyway thestinger 16:39, 26 October 2010 (EDT)
From kernel doc:
tcp_rfc1337 - BOOLEAN If set, the TCP stack behaves conforming to RFC1337. If unset, we are not conforming to RFC, but prevent TCP TIME_WAIT assassination. Default: 0
- With setting
0the system would 'assassinate' a socket in time_wait prematurely upon receiving a RST. While this might sound like a good idea (it frees up a socket quicker), it opens the door for tcp sequence problems/syn replay. Those problems were described in RFC1337 and enabling the setting
1is one way to deal with them (letting TIME_WAIT packets idle out even if a reset is received, so that the sequence number cannot be reused meanwhile). The wiki is correct in my view. Kernel doc is wrong here - "prevent" should read "enable". --Indigo (talk) 21:12, 17 September 2013 (UTC)