LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-20-2009, 01:57 AM   #1
deepak_cucek
Member
 
Registered: Feb 2008
Posts: 36

Rep: Reputation: 16
Question parametrs in /etc/sysctl.conf in suse


for disabling ipforwarding in suse , we have to add

net.ipv4.ip_forward=0 entry in /etc/sysctl.conf

and for disabling synflooding
net.ipv4.tcp_cyncookies=0

actually my doubt is in real time how we can check whether it is really taking affect in system or not .. [not only for these parameters also for IP source routing , ICMP echo messages , ICMP redirect acceptance.....etc]

in my lab set up i have 1 PC with windows and other with Suse 10

is there any tool available for suse for checking the incoming packets rate ...

and is there any tool available for windows to create some packet flooding to other machines in the network.

BAsically i need to verify the realt time functionality of the parameters in /etc/sysctl.conf like it really blocking IP spoofing / IP source rooting .... etc

thanks in advance

Last edited by deepak_cucek; 08-20-2009 at 03:54 AM.
 
Old 08-20-2009, 03:57 AM   #2
deepak_cucek
Member
 
Registered: Feb 2008
Posts: 36

Original Poster
Rep: Reputation: 16
any suggestions.....
 
Old 08-20-2009, 01:23 PM   #3
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 12,395

Rep: Reputation: 3297Reputation: 3297Reputation: 3297Reputation: 3297Reputation: 3297Reputation: 3297Reputation: 3297Reputation: 3297Reputation: 3297Reputation: 3297Reputation: 3297
/sbin/sysctl $key should accomplish what you'd like:

Code:
$ /sbin/sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
--jeremy
 
Old 08-20-2009, 07:11 PM   #4
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,374

Rep: Reputation: 2383Reputation: 2383Reputation: 2383Reputation: 2383Reputation: 2383Reputation: 2383Reputation: 2383Reputation: 2383Reputation: 2383Reputation: 2383Reputation: 2383
Once you've edited the sysctl.conf file, issue the cmd

sysctl -p

to make the kernel re-read the file and use the new settings.
You can use

sysctl -a

to check what the kernel thinks.
 
Old 08-20-2009, 11:16 PM   #5
deepak_cucek
Member
 
Registered: Feb 2008
Posts: 36

Original Poster
Rep: Reputation: 16
Quote:
Originally Posted by chrism01 View Post
Once you've edited the sysctl.conf file, issue the cmd

sysctl -p

to make the kernel re-read the file and use the new settings.
You can use

sysctl -a

to check what the kernel thinks.
thanx for ur reply..

By using sysctl -p , we can see all the kernel parameters...
But my concern is how we can test the same in real time ..
like whether IP forwarding /IP source routing /SYN flooding is really disabled in the machine or not..




thanks
 
Old 08-21-2009, 09:12 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,354
Blog Entries: 55

Rep: Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541
Quote:
Originally Posted by deepak_cucek View Post
But my concern is how we can test the same in real time ..
like whether IP forwarding /IP source routing /SYN flooding is really disabled in the machine or not..
If you mean testing the effect of those sysctls then you could try to determine what expected behaviour would be and check for it.
- If forwarding is enabled for traffic originating from host A to end up at host C via host B then on the forwarding host the forward chain packet counter would go up.
- If source routing is enabled then you should be able to specify the route for traffic originating from host A and destined for host F to go via router B, D and E instead of router B, C and E (traceroute?).
- If SYN cookies are enabled then you should be able to see a certain response from the host to the flooding client once the SYN queue starts filling up (tcpdump?).
In my opinion testing sysctl values is an OK question for the Newbie forum but questions about testing the effect of those sysctls seems more appropriate in Networking.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to run vm.swappiness=10 to /etc/sysctl.conf on SUSE-9.3? srivastava Linux - Software 3 05-27-2005 11:10 PM
/etc/Sysctl.conf really I need it? Beised Linux - Software 2 08-25-2004 08:36 AM
/etc/sysctl.conf ??? biscristi Linux - Software 0 06-03-2004 09:50 AM
sysctl.conf nocturnal *BSD 4 12-11-2003 06:43 PM
help! the /etc/sysctl.conf darkstarreddiam Linux - Networking 2 05-08-2003 09:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration