Essa vai dedicada ao Cristopher... :) /etc/rc.conf
ifconfig_lan0="inet x.x.x.x/24 media 100baseTX mediaopt full-duplex" # desative o autonegociacao de velocidade e force os parametros ethernet log_in_vain="1" icmp_bmcastecho="NO" icmp_drop_redirect="YES" tcp_keepalive="YES" tcp_drop_synfin="YES" tcp_extensions="YES" # RFC 1323 - TCP Extensions for High Performance fsck_y_enable="YES" check_quotas="NO" kern_securelevel_enable="YES" kern_securelevel="1" clear_tmp_enable="YES" virecover_enable="NO" update_motd="NO" /etc/sysctl.conf security.bsd.see_other_uids=0 net.inet.ip.check_interface=1 # protection against spoof ip packets net.inet.ip.random_id=1 net.inet.ip.fastforwarding=1 net.inet.ip.process_options=0 net.inet.icmp.maskrepl=0 net.inet.tcp.blackhole=2 # blackhole pings, traceroutes, etc. net.inet.tcp.rfc3042=1 # Enhancing TCP's Loss Recovery Using Limited Transmit net.inet.tcp.rfc3390=1 # Increasing TCP's Initial Window net.inet.tcp.sack.enable=1 net.inet.tcp.delayed_ack=0 net.inet.tcp.keepidle=300000 net.inet.tcp.keepintvl=150 net.inet.tcp.recvspace=65535 net.inet.tcp.sendspace=65535 net.inet.udp.recvspace=65535 net.inet.udp.blackhole=1 net.inet.udp.maxdgram=57344 net.local.stream.recvspace=65535 net.local.stream.sendspace=65535 kern.fallback_elf_brand=3 kern.polling.enable=1 # network interface pooling instead interrupt request kern.ipc.shm_use_phys=1 # kernel to lock shared memory into RAM # and prevent it from being paged out to swap kern.ipc.maxsockbuf=2097152 # Buffers de socket para novas conexoes kern.ipc.somaxconn=8192 kern.maxfiles=65536 kern.maxfilesperproc=32768 vfs.vmiodirenable=1 /boot/loader.conf autoboot_delay="2" beastie_disable="YES" kern.ipc.nmbclusters=1024 kern.ipc.maxsockets=1024 hw.ata.atapi_dma=1 kern.hz="1000" # Set the kernel interval timer rate kern.cam.scsi_delay="2000" # Delay (in ms) before probing SCSI kern.ipc.maxsockets="16424" netgraph_load="YES" /etc/make.conf CFLAGS= -O2 -pipe -funroll-loops -ffast-math CPUTYPE= i686 CPUTYPE= pentium2 COPTFLAGS= -O2 -pipe -funroll-loops -ffast-math /usr/src/sys/i386/conf/MyKernel.conf machine i386 #cpu I486_CPU # desative 386 e 486 cpu I586_CPU cpu I686_CPU #options INET6 # IPv6 communications protocols # Network Security & Tuning options IPSTEALTH # randomize IP ID to prevent server from being a mid-point for idlescan-style portscanning. Prevents cracker from determining the rate of packet generation options TCP_DROP_SYNFIN options ACCEPT_FILTER_DATA options ACCEPT_FILTER_HTTP options NMBCLUSTERS=65536 # maximum number of mbuf clusters options DEVICE_POLLING options HZ=1000 options SYSVMSG # SYSV-style message queues options MSGMNB=16384 # max # of bytes in a queue options MSGMNI=40 # number of message queue identifiers options MSGSEG=2048 # number of message segments per queue options MSGSSZ=64 # size of a message segment options MSGTQL=2048 # max messages in system options SYSVSHM # SYSV-style shared memory options SHMMAXPGS=4096 options SHMSEG=16 # max shared mem id's per process options SHMMNI=32 # max shared mem id's per system options SHMMAX=2097152 # max shared memory segment size (bytes) options SHMALL=4096 # max amount of shared memory (pages) options SYSVSEM # SYSV-style semaphores options SEMMNI=256 options SEMMNS=512 options SEMMNU=256 options SEMMAP=256 Ufa... So isso. Fabricio Lima ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd