Lines Matching +full:can +full:- +full:disable
1 .. SPDX-License-Identifier: GPL-2.0
10 ip_forward - BOOLEAN
11 - 0 - disabled (default)
12 - not 0 - enabled
20 ip_default_ttl - INTEGER
25 ip_no_pmtu_disc - INTEGER
26 Disable Path MTU Discovery. If enabled in mode 1 and a
27 fragmentation-required ICMP is received, the PMTU to this
37 accept fragmentation-needed errors if the underlying protocol
38 can verify them besides a plain socket lookup. Current
47 Possible values: 0-3
51 min_pmtu - INTEGER
52 default 552 - minimum discovered Path MTU
54 ip_forward_use_pmtu - BOOLEAN
56 because they could be easily forged and can lead to unwanted
58 You only need to enable this if you have user-space software
67 - 0 - disabled
68 - 1 - enabled
70 fwmark_reflect - BOOLEAN
71 Controls the fwmark of kernel-generated IPv4 reply packets that are not
78 fib_multipath_use_neigh - BOOLEAN
88 - 0 - disabled
89 - 1 - enabled
91 fib_multipath_hash_policy - INTEGER
99 - 0 - Layer 3
100 - 1 - Layer 4
101 - 2 - Layer 3 or inner Layer 3 if present
103 fib_sync_mem - UNSIGNED INTEGER
104 Amount of dirty memory from fib entries that can be backlogged before
109 ip_forward_update_priority - INTEGER
112 according to an rt_tos2priority table (see e.g. man tc-prio).
118 - 0 - Do not update priority.
119 - 1 - Update priority.
121 route/max_size - INTEGER
128 neigh/default/gc_thresh1 - INTEGER
134 neigh/default/gc_thresh2 - INTEGER
141 neigh/default/gc_thresh3 - INTEGER
142 Maximum number of non-PERMANENT neighbor entries allowed. Increase
144 with large numbers of directly-connected peers.
148 neigh/default/unres_qlen_bytes - INTEGER
161 neigh/default/unres_qlen - INTEGER
174 mtu_expires - INTEGER
177 min_adv_mss - INTEGER
183 ipfrag_high_thresh - LONG INTEGER
186 ipfrag_low_thresh - LONG INTEGER
187 (Obsolete since linux-4.17)
192 ipfrag_time - INTEGER
195 ipfrag_max_dist - INTEGER
196 ipfrag_max_dist is a non-negative integer value which defines the
203 is done on fragments before they are added to a reassembly queue - if
210 Using a very small value, e.g. 1 or 2, for ipfrag_max_dist can
221 inet_peer_threshold - INTEGER
224 entries' time-to-live and time intervals between garbage collection
225 passes. More entries, less time-to-live, less GC interval.
227 inet_peer_minttl - INTEGER
228 Minimum time-to-live of entries. Should be enough to cover fragment
229 time-to-live on the reassembling side. This minimum time-to-live is
233 inet_peer_maxttl - INTEGER
234 Maximum time-to-live of entries. Unused entries will expire after
242 somaxconn - INTEGER
244 Defaults to 4096. (Was 128 before linux-5.4)
247 tcp_abort_on_overflow - BOOLEAN
253 option can harm clients of your server.
255 tcp_adv_win_scale - INTEGER
257 (if tcp_adv_win_scale > 0) or bytes-bytes/2^(-tcp_adv_win_scale),
260 Possible values are [-31, 31], inclusive.
264 tcp_allowed_congestion_control - STRING
265 Show/set the congestion control choices available to non-privileged
271 tcp_app_win - INTEGER
277 tcp_autocorking - BOOLEAN
283 queue. Applications can still use TCP_CORK for optimal behavior
288 tcp_available_congestion_control - STRING
293 tcp_base_mss - INTEGER
298 tcp_mtu_probe_floor - INTEGER
304 tcp_min_snd_mss - INTEGER
313 tcp_congestion_control - STRING
323 tcp_dsack - BOOLEAN
326 tcp_early_retrans - INTEGER
328 losses into fast recovery (draft-ietf-tcpm-rack). Note that
333 - 0 disables TLP
334 - 3 or 4 enables TLP
338 tcp_ecn - INTEGER
348 0 Disable ECN. Neither initiate nor accept ECN.
357 tcp_ecn_fallback - BOOLEAN
359 back to non-ECN. Currently, this knob implements the fallback
367 tcp_fack - BOOLEAN
370 tcp_fin_timeout - INTEGER
374 valid "receive only" state for an un-orphaned connection, an
382 tcp_frto - INTEGER
383 Enables Forward RTO-Recovery (F-RTO) defined in RFC5682.
384 F-RTO is an enhanced recovery algorithm for TCP retransmission
386 RTT fluctuates (e.g., wireless). F-RTO is sender-side only
389 By default it's enabled with a non-zero value. 0 disables F-RTO.
391 tcp_fwmark_accept - BOOLEAN
402 tcp_invalid_ratelimit - INTEGER
407 (a) out-of-window sequence number,
408 (b) out-of-window acknowledgment number, or
411 This can help mitigate simple "ack loop" DoS attacks, wherein
412 a buggy or malicious middlebox or man-in-the-middle can
418 Using 0 disables rate-limiting of dupacks in response to
424 tcp_keepalive_time - INTEGER
428 tcp_keepalive_probes - INTEGER
432 tcp_keepalive_intvl - INTEGER
438 tcp_l3mdev_accept - BOOLEAN
448 tcp_low_latency - BOOLEAN
451 tcp_max_orphans - INTEGER
463 tcp_max_syn_backlog - INTEGER
467 This is a per-listener limit.
477 tcp_max_tw_buckets - INTEGER
479 If this number is exceeded time-wait socket is immediately destroyed
485 tcp_mem - vector of 3 INTEGERs: min, pressure, max
499 tcp_min_rtt_wlen - INTEGER
506 Possible values: 0 - 86400 (1 day)
510 tcp_moderate_rcvbuf - BOOLEAN
511 If set, TCP performs receive buffer auto-tuning, attempting to
516 tcp_mtu_probing - INTEGER
517 Controls TCP Packetization-Layer Path MTU Discovery. Takes three
520 - 0 - Disabled
521 - 1 - Disabled by default, enabled when an ICMP black hole detected
522 - 2 - Always enabled, use initial MSS of tcp_base_mss.
524 tcp_probe_interval - UNSIGNED INTEGER
525 Controls how often to start TCP Packetization-Layer Path MTU
529 tcp_probe_threshold - INTEGER
530 Controls when TCP Packetization-Layer Path MTU Discovery probing
534 tcp_no_metrics_save - BOOLEAN
537 near future can use these to set initial conditions. Usually, this
542 tcp_no_ssthresh_metrics_save - BOOLEAN
547 tcp_orphan_retries - INTEGER
558 tcp_recovery - INTEGER
574 tcp_reordering - INTEGER
576 TCP stack can then dynamically adjust flow reordering level
581 tcp_max_reordering - INTEGER
588 tcp_retrans_collapse - BOOLEAN
589 Bug-to-bug compatibility with some broken printers.
593 tcp_retries1 - INTEGER
602 tcp_retries2 - INTEGER
617 tcp_rfc1337 - BOOLEAN
624 tcp_rmem - vector of 3 INTEGERs: min, default, max
643 tcp_sack - BOOLEAN
646 tcp_comp_sack_delay_ns - LONG INTEGER
653 tcp_comp_sack_slack_ns - LONG INTEGER
661 tcp_comp_sack_nr - INTEGER
662 Max number of SACK that can be compressed.
667 tcp_slow_start_after_idle - BOOLEAN
675 tcp_stdurg - BOOLEAN
682 tcp_synack_retries - INTEGER
689 tcp_syncookies - INTEGER
704 to use TCP extensions, can result in serious degradation
711 network connections you can set this knob to 2 to enable
714 tcp_fastopen - INTEGER
725 the option value being the length of the syn-data backlog.
733 application before 3-way handshake finishes.
736 0x200 (server) accept data-in-SYN w/o any cookie option present.
746 tcp_fastopen_blackhole_timeout_sec - INTEGER
747 Initial time period in second to disable Fastopen on active TCP sockets
750 get detected right after Fastopen is re-enabled and will reset to
752 0 to disable the blackhole detection.
756 tcp_fastopen_key - list of comma separated 32-digit hexadecimal INTEGERs
767 per-socket keys will be used instead of any keys that are specified via
770 A key is specified as 4 8-digit hexadecimal integers which are separated
771 by a '-' as: xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx. Leading zeros may be
776 tcp_syn_retries - INTEGER
783 tcp_timestamps - INTEGER
786 - 0: Disabled.
787 - 1: Enable timestamps as defined in RFC1323 and use random offset for
789 - 2: Like 1, but without random offsets.
793 tcp_min_tso_segs - INTEGER
796 Since linux-3.12, TCP does an automatic sizing of TSO frames,
804 tcp_pacing_ss_ratio - INTEGER
805 sk->sk_pacing_rate is set by TCP stack using a ratio applied
808 to let TCP probe for bigger speeds, assuming cwnd can be
813 tcp_pacing_ca_ratio - INTEGER
814 sk->sk_pacing_rate is set by TCP stack using a ratio applied
821 tcp_tso_win_divisor - INTEGER
823 can be consumed by a single TSO frame.
829 tcp_tw_reuse - INTEGER
830 Enable reuse of TIME-WAIT sockets for new connections when it is
833 - 0 - disable
834 - 1 - global enable
835 - 2 - enable for loopback traffic only
842 tcp_window_scaling - BOOLEAN
845 tcp_wmem - vector of 3 INTEGERs: min, default, max
866 tcp_notsent_lowat - UNSIGNED INTEGER
867 A TCP socket can control the amount of unsent bytes in its write queue,
879 tcp_workaround_signed_windows - BOOLEAN
887 tcp_thin_linear_timeouts - BOOLEAN
894 non-aggressive thin streams, often found to be time-dependent.
896 Documentation/networking/tcp-thin.rst
900 tcp_limit_output_bytes - INTEGER
903 gets losses notifications. With SNDBUF autotuning, this can
912 tcp_challenge_ack_limit - INTEGER
914 in RFC 5961 (Improving TCP's Robustness to Blind In-Window Attacks)
917 tcp_rx_skb_cache - BOOLEAN
928 udp_l3mdev_accept - BOOLEAN
937 udp_mem - vector of 3 INTEGERs: min, pressure, max
950 udp_rmem_min - INTEGER
957 udp_wmem_min - INTEGER
967 raw_l3mdev_accept - BOOLEAN
979 cipso_cache_enable - BOOLEAN
983 invalidated when required when means you can safely toggle this on and
988 cipso_cache_bucket_size - INTEGER
992 more CIPSO label mappings that can be cached. When the number of
998 cipso_rbm_optfmt - BOOLEAN
1002 categories in order to make the packet data 32-bit aligned.
1006 cipso_rbm_structvalid - BOOLEAN
1019 ip_local_port_range - 2 INTEGERS
1028 ip_local_reserved_ports - list of comma separated ranges
1029 Specify the ports which are reserved for known third-party
1035 list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and
1045 You can reserve ports which are not in the current
1059 ip_local_unbindable_ports - list of comma separated ranges
1072 ip_unprivileged_port_start - INTEGER
1073 This is a per-namespace sysctl. It defines the first
1076 To disable all privileged ports, set this to 0. They must not
1081 ip_nonlocal_bind - BOOLEAN
1082 If set, allows processes to bind() to non-local IP addresses,
1083 which can be quite useful - but may break some applications.
1087 ip_autobind_reuse - BOOLEAN
1096 ip_dynaddr - INTEGER
1097 If set non-zero, enables support for dynamic addresses.
1098 If set to a non-zero value larger than 1, a kernel log
1104 ip_early_demux - BOOLEAN
1110 reduces overall throughput, in such case you should disable it.
1114 ping_group_range - 2 INTEGERS
1121 tcp_early_demux - BOOLEAN
1126 udp_early_demux - BOOLEAN
1127 Enable early demux for connected UDP sockets. Disable this if
1132 icmp_echo_ignore_all - BOOLEAN
1133 If set non-zero, then the kernel will ignore all ICMP ECHO
1138 icmp_echo_ignore_broadcasts - BOOLEAN
1139 If set non-zero, then the kernel will ignore all ICMP ECHO and
1144 icmp_ratelimit - INTEGER
1147 0 to disable any limiting,
1154 icmp_msgs_per_sec - INTEGER
1162 icmp_msgs_burst - INTEGER
1169 icmp_ratemask - INTEGER
1196 icmp_ignore_bogus_error_responses - BOOLEAN
1204 icmp_errors_use_inbound_ifaddr - BOOLEAN
1209 If non-zero, the message will be sent with the primary address of
1212 a router. And it can make debugging complicated network layouts
1216 then the primary address of the first non-loopback interface that
1221 igmp_max_memberships - INTEGER
1222 Change the maximum number of multicast groups we can subscribe to.
1226 report in a single datagram (i.e. the report can't span multiple
1231 report entries you can fit into a single datagram of 65535 bytes.
1233 M = 65536-sizeof (ip header)/(sizeof(Group record))
1238 (65536-24) / 12 = 5459
1243 igmp_max_msf - INTEGER
1249 igmp_qrv - INTEGER
1256 force_igmp_version - INTEGER
1257 - 0 - (default) No enforcement of a IGMP version, IGMPv1/v2 fallback
1260 - 1 - Enforce to use IGMP version 1. Will also reply IGMPv1 report if
1262 - 2 - Enforce to use IGMP version 2. Will fallback to IGMPv1 if receive
1264 - 3 - Enforce to use IGMP version 3. The same react with default 0.
1280 log_martians - BOOLEAN
1286 accept_redirects - BOOLEAN
1290 - both conf/{all,interface}/accept_redirects are TRUE in the case
1295 - at least one of conf/{all,interface}/accept_redirects is TRUE in the
1302 - TRUE (host)
1303 - FALSE (router)
1305 forwarding - BOOLEAN
1307 received _on_ this interface can be forwarded.
1309 mc_forwarding - BOOLEAN
1315 medium_id - INTEGER
1317 are attached to. Two devices can have different id values when
1320 to its medium, value of -1 means that medium is not known.
1326 proxy_arp - BOOLEAN
1333 proxy_arp_pvlan - BOOLEAN
1351 Hewlett-Packard call it Source-Port filtering or port-isolation.
1352 Ericsson call it MAC-Forced Forwarding (RFC Draft).
1354 shared_media - BOOLEAN
1364 secure_redirects - BOOLEAN
1377 send_redirects - BOOLEAN
1386 bootp_relay - BOOLEAN
1397 accept_source_route - BOOLEAN
1404 - TRUE (router)
1405 - FALSE (host)
1407 accept_local - BOOLEAN
1409 suitable routing, this can be used to direct packets between two
1413 route_localnet - BOOLEAN
1419 rp_filter - INTEGER
1420 - 0 - No source validation.
1421 - 1 - Strict mode as defined in RFC3704 Strict Reverse Path
1425 - 2 - Loose mode as defined in RFC3704 Loose Reverse Path
1440 arp_filter - BOOLEAN
1441 - 1 - Allows you to have multiple network interfaces on the same
1448 - 0 - (default) The kernel can respond to arp requests with addresses
1452 particular interfaces. Only for more complex setups like load-
1459 arp_announce - INTEGER
1464 - 0 - (default) Use any local address, configured on any interface
1465 - 1 - Try to avoid local addresses that are not in the target's
1474 - 2 - Always use the best local address for this target.
1491 arp_ignore - INTEGER
1495 - 0 - (default): reply for any local target IP address, configured
1497 - 1 - reply only if the target IP address is local address
1499 - 2 - reply only if the target IP address is local address
1502 - 3 - do not reply for local addresses configured with scope host,
1504 - 4-7 - reserved
1505 - 8 - do not reply for all local addresses
1510 arp_notify - BOOLEAN
1519 arp_accept - BOOLEAN
1523 - 0 - don't create new entries in the ARP table
1524 - 1 - create new entries in the ARP table
1533 mcast_solicit - INTEGER
1538 ucast_solicit - INTEGER
1542 app_solicit - INTEGER
1547 mcast_resolicit - INTEGER
1551 disable_policy - BOOLEAN
1552 Disable IPSEC policy (SPD) for this interface
1554 disable_xfrm - BOOLEAN
1555 Disable IPSEC encryption on this interface, whatever the policy
1557 igmpv2_unsolicited_report_interval - INTEGER
1563 igmpv3_unsolicited_report_interval - INTEGER
1569 promote_secondaries - BOOLEAN
1574 drop_unicast_in_l2_multicast - BOOLEAN
1575 Drop any unicast IP packets that are received in link-layer
1583 drop_gratuitous_arp - BOOLEAN
1591 tag - INTEGER
1592 Allows you to write a number, which can be used as required.
1596 xfrm4_gc_thresh - INTEGER
1597 (Obsolete since linux-4.14)
1602 igmp_link_local_mcast_reports - BOOLEAN
1613 - Andi Kleen
1615 - Nicolas Delon
1627 bindv6only - BOOLEAN
1632 - TRUE: disable IPv4-mapped address feature
1633 - FALSE: enable IPv4-mapped address feature
1637 flowlabel_consistency - BOOLEAN
1639 You have to disable it to use IPV6_FL_F_REFLECT flag on the
1642 - TRUE: enabled
1643 - FALSE: disabled
1647 auto_flowlabels - INTEGER
1655 1 automatic flow labels are enabled by default, they can be
1666 flowlabel_state_ranges - BOOLEAN
1667 Split the flow label number space into two ranges. 0-0x7FFFF is
1668 reserved for the IPv6 flow manager facility, 0x80000-0xFFFFF
1671 - TRUE: enabled
1672 - FALSE: disabled
1676 flowlabel_reflect - INTEGER
1680 https://tools.ietf.org/html/draft-wang-6man-flow-label-reflection-01
1684 - 1: enabled for established flows
1687 in "tcp: change IPv6 flow-label upon receiving spurious retransmission"
1690 - 2: enabled for TCP RESET packets (no active listener)
1694 - 4: enabled for ICMPv6 echo reply messages.
1698 fib_multipath_hash_policy - INTEGER
1705 - 0 - Layer 3 (source and destination addresses plus flow label)
1706 - 1 - Layer 4 (standard 5-tuple)
1707 - 2 - Layer 3 or inner Layer 3 if present
1709 anycast_src_echo_reply - BOOLEAN
1713 - TRUE: enabled
1714 - FALSE: disabled
1718 idgen_delay - INTEGER
1725 idgen_retries - INTEGER
1731 mld_qrv - INTEGER
1738 max_dst_opts_number - INTEGER
1739 Maximum number of non-padding TLVs allowed in a Destination
1746 max_hbh_opts_number - INTEGER
1747 Maximum number of non-padding TLVs allowed in a Hop-by-Hop
1754 max_dst_opts_length - INTEGER
1760 max_hbh_length - INTEGER
1761 Maximum length allowed for a Hop-by-Hop options extension
1766 skip_notify_on_dev_down - BOOLEAN
1775 nexthop_compat_mode - BOOLEAN
1782 understands the new API, this sysctl can be disabled to achieve full
1789 ip6frag_high_thresh - INTEGER
1795 ip6frag_low_thresh - INTEGER
1798 ip6frag_time - INTEGER
1803 seg6_flowlabel - INTEGER
1808 -1 set flowlabel to zero.
1817 Change the interface-specific default settings.
1821 Change all the interface-specific settings.
1825 conf/all/forwarding - BOOLEAN
1836 proxy_ndp - BOOLEAN
1839 fwmark_reflect - BOOLEAN
1840 Controls the fwmark of kernel-generated IPv6 reply packets that are not
1853 accept_ra - INTEGER
1872 - enabled if local forwarding is disabled.
1873 - disabled if local forwarding is enabled.
1875 accept_ra_defrtr - BOOLEAN
1880 - enabled if accept_ra is enabled.
1881 - disabled if accept_ra is disabled.
1883 accept_ra_from_local - BOOLEAN
1884 Accept RA with source-address that is found on local machine
1887 Default is to NOT accept these as it may be an un-intended
1892 - enabled if accept_ra_from_local is enabled
1894 - disabled if accept_ra_from_local is disabled
1897 accept_ra_min_hop_limit - INTEGER
1905 accept_ra_pinfo - BOOLEAN
1910 - enabled if accept_ra is enabled.
1911 - disabled if accept_ra is disabled.
1913 accept_ra_rt_info_min_plen - INTEGER
1922 * -1 if accept_ra_rtr_pref is disabled.
1924 accept_ra_rt_info_max_plen - INTEGER
1933 * -1 if accept_ra_rtr_pref is disabled.
1935 accept_ra_rtr_pref - BOOLEAN
1940 - enabled if accept_ra is enabled.
1941 - disabled if accept_ra is disabled.
1943 accept_ra_mtu - BOOLEAN
1949 - enabled if accept_ra is enabled.
1950 - disabled if accept_ra is disabled.
1952 accept_redirects - BOOLEAN
1957 - enabled if local forwarding is disabled.
1958 - disabled if local forwarding is enabled.
1960 accept_source_route - INTEGER
1963 - >= 0: Accept only routing header type 2.
1964 - < 0: Do not accept routing header.
1968 autoconf - BOOLEAN
1974 - enabled if accept_ra_pinfo is enabled.
1975 - disabled if accept_ra_pinfo is disabled.
1977 dad_transmits - INTEGER
1982 forwarding - INTEGER
1983 Configure interface-specific Host/Router behaviour.
1992 - 0 Forwarding disabled
1993 - 1 Forwarding enabled
2019 hop_limit - INTEGER
2024 mtu - INTEGER
2029 ip_nonlocal_bind - BOOLEAN
2030 If set, allows processes to bind() to non-local IPv6 addresses,
2031 which can be quite useful - but may break some applications.
2035 router_probe_interval - INTEGER
2041 router_solicitation_delay - INTEGER
2047 router_solicitation_interval - INTEGER
2052 router_solicitations - INTEGER
2058 use_oif_addrs_only - BOOLEAN
2065 use_tempaddr - INTEGER
2068 * <= 0 : disable Privacy Extensions
2077 * -1 (for point-to-point devices and loopback devices)
2079 temp_valid_lft - INTEGER
2084 temp_prefered_lft - INTEGER
2089 keep_addr_on_down - INTEGER
2099 max_desync_factor - INTEGER
2107 regen_max_retry - INTEGER
2113 max_addresses - INTEGER
2121 disable_ipv6 - BOOLEAN
2122 Disable IPv6 operation. If accept_dad is set to 2, this value
2123 will be dynamically set to TRUE if DAD fails for the link-local
2129 it will dynamically create a link-local address on the given
2137 accept_dad - INTEGER
2141 0 Disable DAD
2143 2 Enable DAD, and disable IPv6 operation if MAC-based duplicate
2144 link-local address has been found.
2150 force_tllao - BOOLEAN
2151 Enable sending the target link-layer address option even when
2156 Quoting from RFC 2461, section 4.4, Target link-layer address:
2161 message. When responding to unicast solicitations, the option can be
2162 omitted since the sender of the solicitation has the correct link-
2164 solicitation in the first place. However, including the link-layer
2166 race condition where the sender deletes the cached link-layer address
2169 ndisc_notify - BOOLEAN
2172 * 0 - (default): do nothing
2173 * 1 - Generate unsolicited neighbour advertisements when device is brought
2176 ndisc_tclass - INTEGER
2180 These 8 bits can be interpreted as 6 high order bits holding the DSCP
2184 * 0 - (default)
2186 mldv1_unsolicited_report_interval - INTEGER
2192 mldv2_unsolicited_report_interval - INTEGER
2198 force_mld_version - INTEGER
2199 * 0 - (default) No enforcement of a MLD version, MLDv1 fallback allowed
2200 * 1 - Enforce to use MLD version 1
2201 * 2 - Enforce to use MLD version 2
2203 suppress_frag_ndisc - INTEGER
2207 * 1 - (default) discard fragmented neighbor discovery packets
2208 * 0 - allow fragmented neighbor discovery packets
2210 optimistic_dad - BOOLEAN
2220 use_optimistic - BOOLEAN
2232 stable_secret - IPv6 address
2234 addresses for link-local addresses and autoconfigured
2236 be stable privacy ones by default. This can be changed via the
2237 addrgenmode ip-link. conf/default/stable_secret is used as the
2238 secret for the namespace, the interface specific ones can
2246 addr_gen_mode - INTEGER
2247 Defines how link-local and autoconf addresses are generated.
2251 1 do no generate a link-local address, use EUI64 for addresses
2258 drop_unicast_in_l2_multicast - BOOLEAN
2259 Drop any unicast IPv6 packets that are received in link-layer
2264 drop_unsolicited_na - BOOLEAN
2271 enhanced_dad - BOOLEAN
2284 ratelimit - INTEGER
2287 0 to disable any limiting,
2292 ratemask - list of comma separated ranges
2297 list of ranges (e.g. "0-127,129" for ICMPv6 message type 0 to 127 and
2301 Refer to: https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml
2305 Default: 0-1,3-127 (rate limit ICMPv6 errors except Packet Too Big)
2307 echo_ignore_all - BOOLEAN
2308 If set non-zero, then the kernel will ignore all ICMP ECHO
2313 echo_ignore_multicast - BOOLEAN
2314 If set non-zero, then the kernel will ignore all ICMP ECHO
2319 echo_ignore_anycast - BOOLEAN
2320 If set non-zero, then the kernel will ignore all ICMP ECHO
2325 xfrm6_gc_thresh - INTEGER
2326 (Obsolete since linux-4.14)
2334 YOSHIFUJI Hideaki / USAGI Project <yoshfuji@linux-ipv6.org>
2340 bridge-nf-call-arptables - BOOLEAN
2341 - 1 : pass bridged ARP traffic to arptables' FORWARD chain.
2342 - 0 : disable this.
2346 bridge-nf-call-iptables - BOOLEAN
2347 - 1 : pass bridged IPv4 traffic to iptables' chains.
2348 - 0 : disable this.
2352 bridge-nf-call-ip6tables - BOOLEAN
2353 - 1 : pass bridged IPv6 traffic to ip6tables' chains.
2354 - 0 : disable this.
2358 bridge-nf-filter-vlan-tagged - BOOLEAN
2359 - 1 : pass bridged vlan-tagged ARP/IP/IPv6 traffic to {arp,ip,ip6}tables.
2360 - 0 : disable this.
2364 bridge-nf-filter-pppoe-tagged - BOOLEAN
2365 - 1 : pass bridged pppoe-tagged IP/IPv6 traffic to {ip,ip6}tables.
2366 - 0 : disable this.
2370 bridge-nf-pass-vlan-input-dev - BOOLEAN
2371 - 1: if bridge-nf-filter-vlan-tagged is enabled, try to find a vlan
2373 vlan. This allows use of e.g. "iptables -i br0.1" and makes the
2374 REDIRECT target work with vlan-on-top-of-bridge interfaces. When no
2378 - 0: disable bridge netfilter vlan interface lookup.
2385 addip_enable - BOOLEAN
2386 Enable or disable extension of Dynamic Address Reconfiguration
2387 (ADD-IP) functionality specified in RFC5061. This extension provides
2393 0: Disable extension.
2397 pf_enable - INTEGER
2398 Enable or disable pf (pf is short for potentially failed) state. A value
2400 both pf_enable and pf_retrans > path_max_retrans can disable pf state.
2401 Since pf_retrans and path_max_retrans can be changed by userspace
2402 application, sometimes user expects to disable pf state by the value of
2406 and disable pf state. See:
2407 https://datatracker.ietf.org/doc/draft-ietf-tsvwg-sctp-failover for
2412 0: Disable pf.
2416 pf_expose - INTEGER
2417 Unset or enable/disable pf (pf is short for potentially failed) state
2418 exposure. Applications can control the exposure of the PF path state
2421 SCTP_ADDR_PF state will be sent and a SCTP_PF-state transport info
2422 can be got via SCTP_GET_PEER_ADDR_INFO sockopt; When it's enabled,
2424 SCTP_PF state and a SCTP_PF-state transport info can be got via
2426 SCTP_PEER_ADDR_CHANGE event will be sent and it returns -EACCES when
2427 trying to get a SCTP_PF-state transport info via SCTP_GET_PEER_ADDR_INFO
2432 1: Disable pf state exposure.
2438 addip_noauth_enable - BOOLEAN
2439 Dynamic Address Reconfiguration (ADD-IP) requires the use of
2444 allowing the ADD-IP extension. For reasons of interoperability,
2449 1 Allow ADD-IP extension to be used without authentication. This
2458 auth_enable - BOOLEAN
2459 Enable or disable Authenticated Chunks extension. This extension
2462 (ADD-IP) extension.
2464 - 1: Enable this extension.
2465 - 0: Disable this extension.
2469 prsctp_enable - BOOLEAN
2470 Enable or disable the Partial Reliability extension (RFC3758) which
2473 - 1: Enable extension
2474 - 0: Disable
2478 max_burst - INTEGER
2479 The limit of the number of new packets that can be initially sent. It
2480 controls how bursty the generated traffic can be.
2484 association_max_retrans - INTEGER
2485 Set the maximum number for retransmissions that an association can
2491 max_init_retransmits - INTEGER
2492 The maximum number of retransmissions of INIT and COOKIE-ECHO chunks
2498 path_max_retrans - INTEGER
2506 pf_retrans - INTEGER
2510 passes the pf_retrans threshold can still be used. Its only
2514 http://www.ietf.org/id/draft-nishida-tsvwg-sctp-failover-05.txt
2516 disables this feature. Since both pf_retrans and path_max_retrans can
2518 disable pf state.
2522 ps_retrans - INTEGER
2524 from section-5 "Primary Path Switchover" in rfc7829. The primary path
2530 and its value can't be less than 'pf_retrans' when changing by sysctl.
2534 rto_initial - INTEGER
2541 rto_max - INTEGER
2543 is the largest time interval that can elapse between retransmissions.
2547 rto_min - INTEGER
2549 is the smallest time interval the can elapse between retransmissions.
2553 hb_interval - INTEGER
2560 sack_timeout - INTEGER
2566 valid_cookie_life - INTEGER
2572 cookie_preserve_enable - BOOLEAN
2573 Enable or disable the ability to extend the lifetime of the SCTP cookie
2576 - 1: Enable cookie lifetime extension.
2577 - 0: Disable
2581 cookie_hmac_alg - STRING
2583 a listening sctp socket to a connecting client in the INIT-ACK chunk.
2597 rcvbuf_policy - INTEGER
2608 - 1: rcvbuf space is per association
2609 - 0: rcvbuf space is per socket
2613 sndbuf_policy - INTEGER
2616 - 1: Send buffer is tracked per association
2617 - 0: Send buffer is tracked per socket.
2621 sctp_mem - vector of 3 INTEGERs: min, pressure, max
2634 sctp_rmem - vector of 3 INTEGERs: min, default, max
2644 sctp_wmem - vector of 3 INTEGERs: min, default, max
2648 min: Minimum size of send buffer that can be used by SCTP sockets.
2654 addr_scope_policy - INTEGER
2655 Control IPv4 address scoping - draft-stewart-tsvwg-sctp-ipv4-00
2657 - 0 - Disable IPv4 address scoping
2658 - 1 - Enable IPv4 address scoping
2659 - 2 - Follow draft but allow IPv4 private addresses
2660 - 3 - Follow draft but allow IPv4 link local addresses
2668 Please see: Documentation/admin-guide/sysctl/net.rst for descriptions of these entries.
2674 max_dgram_qlen - INTEGER