From 132b41ae73e9ea72bc3d8aff22ae75fc622758a3 Mon Sep 17 00:00:00 2001 From: raja-grewal Date: Thu, 9 May 2024 02:16:50 +0000 Subject: [PATCH] Revert logging of martians --- usr/lib/sysctl.d/990-security-misc.conf | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/usr/lib/sysctl.d/990-security-misc.conf b/usr/lib/sysctl.d/990-security-misc.conf index 321f3b8..95b44ff 100644 --- a/usr/lib/sysctl.d/990-security-misc.conf +++ b/usr/lib/sysctl.d/990-security-misc.conf @@ -81,8 +81,9 @@ kernel.io_uring_disabled=2 ## A martian packet is a one with a source address which is blatantly wrong ## Recommended to keep a log of these to identify these suspicious packets -net.ipv4.conf.all.log_martians=1 -net.ipv4.conf.default.log_martians=1 +## Good for troubleshooting and diagnostics but not necessary by default +#net.ipv4.conf.all.log_martians=1 +#net.ipv4.conf.default.log_martians=1 ## Protects against time-wait assassination. ## It drops RST packets for sockets in the time-wait state.