From ab98da957c732340ddb7bb43ed445835220c21d1 Mon Sep 17 00:00:00 2001
From: raja-grewal <rg_public@proton.me>
Date: Tue, 11 Nov 2025 04:28:56 +0000
Subject: [PATCH] Re-set `net.ipv4.conf.*.log_martians=1`

---
 README.md                                                    | 4 ++--
 usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 8c232ae..e295d80 100644
--- a/README.md
+++ b/README.md
@@ -132,8 +132,8 @@ configuration file and significant hardening is applied to a myriad of component
 
 - Disable TCP timestamps as they can allow detecting the system time.
 
-- Optional - Log packets with impossible source or destination addresses to
-  enable further inspection and analysis.
+- Log packets with impossible source or destination addresses to enable further
+  inspection and analysis.
 
 - Optional - Enable IPv6 Privacy Extensions.
 
diff --git a/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared b/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared
index a4914da..d7071b6 100644
--- a/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared
+++ b/usr/lib/sysctl.d/990-security-misc.conf#security-misc-shared
@@ -576,7 +576,7 @@ net.ipv4.tcp_timestamps=0
 ##
 ## The logging of martian packets is currently disabled.
 ##
-#net.ipv4.conf.*.log_martians=1
+net.ipv4.conf.*.log_martians=1
 
 ## Enable IPv6 Privacy Extensions to prefer temporary addresses over public addresses.
 ## The temporary/privacy address is used as the source for all outgoing traffic.