Annotation of src/etc/sysctl.conf, Revision 1.38
1.38 ! brad 1: # $OpenBSD: sysctl.conf,v 1.37 2005/09/10 09:29:29 jmc Exp $
1.21 deraadt 2: #
3: # This file contains a list of sysctl options the user wants set at
4: # boot time. See sysctl(3) and sysctl(8) for more information on
5: # the many available variables.
6: #
1.5 deraadt 7: #net.inet.ip.forwarding=1 # 1=Permit forwarding (routing) of packets
1.15 itojun 8: #net.inet6.ip6.forwarding=1 # 1=Permit forwarding (routing) of packets
9: #net.inet6.ip6.accept_rtadv=1 # 1=Permit IPv6 autoconf (forwarding must be 0)
1.38 ! brad 10: #net.inet.tcp.rfc1323=0 # 0=Disable TCP RFC1323 extensions (for if tcp is slow)
! 11: #net.inet.tcp.rfc3390=0 # 1=Disable RFC3390 for TCP window increasing
1.24 deraadt 12: #net.inet.esp.enable=0 # 0=Disable the ESP IPsec protocol
13: #net.inet.ah.enable=0 # 0=Disable the AH IPsec protocol
1.33 hshoexer 14: #net.inet.esp.udpencap=0 # 0=Disable ESP-in-UDP encapsulation
1.24 deraadt 15: #net.inet.ipcomp.enable=1 # 1=Enable the IPCOMP protocol
1.35 deraadt 16: #net.inet.etherip.allow=1 # 1=Enable the Ethernet-over-IP protocol
1.28 fgsch 17: #net.inet.tcp.ecn=1 # 1=Enable the TCP ECN extension
1.5 deraadt 18: #ddb.panic=0 # 0=Do not drop into ddb on a kernel panic
1.8 deraadt 19: #ddb.console=1 # 1=Permit entry of ddb from the console
1.5 deraadt 20: #fs.posix.setuid=0 # 0=Traditional BSD chown() semantics
1.34 deraadt 21: #vm.swapencrypt.enable=0 # 0=Do not encrypt pages that go to swap
1.17 mickey 22: #vfs.nfs.iothreads=4 # number of nfsio kernel threads
1.22 fgsch 23: #net.inet.ip.mtudisc=0 # 0=disable tcp mtu discovery
1.37 jmc 24: #kern.usercrypto=0 # 0=disable userland use of /dev/crypto
1.36 tom 25: #kern.splassert=2 # 2=enable with verbose error messages