In the Linux distribution, there is a/proc/directory, some also called it the proc file system. In this directory, there are special files that can be used not only to reflect the current state of the kernel and to view hardware information, but also to allow users to modify the contents of the kernel to adjust the current working state of the kernels, such as files under the/proc/sys/subdirectory.
Unlike other directories in the/proc/directory, files in the/proc/sys/directory not only provide information about the system, but also allow users to immediately stop or turn on certain features and functions of the kernel. The/proc/sys/net/subdirectory in the/proc/sys/directory is more relevant to the network, we can set some of the files in this directory to open the special features related to network applications, but also by setting up some of the files in this directory to protect our network security. Therefore, as a network administrator under Linux, it is necessary to have a detailed understanding of the/proc/sys/net/directory of the various functions and settings, so that it can better work for us.
A,/proc/sys/net/directory description.
The/proc/sys/net/directory mainly includes many network-related topics, such as: appletalk/,ethernet/,ipv4/,ipx/, and ipv6/. By changing the files in these directories, network administrators can adjust the relevant network parameters while the system is running. Although there are many ways to configure the network in Linux, familiarity with the contents of this directory is a great help to network applications.
In the/proc/sys/net/directory has two directories, and the current IPV4 network operation is closely related to the adjustment of the two directories under the parameters of some files, can bring our network applications to the unexpected effect, these two directories is the/proc/sys/net/core/directory and/ proc/sys/net/ipv4/directory, the following author will be the two directory of important documents to make a detailed description.
1,/proc/sys/net/core/directory.
This directory includes a number of settings to control how the Linux kernel interacts with the network layer, that is, what the kernel does when the network moves.
Some of the following important documents are included:
(1), Message_burst: Set every 10 seconds to write how many times the request warning, this setting can be used to prevent Dos attacks, the default setting is 50;
(2), Message_cost: Set the measure of each warning, the default is 5, when used to prevent Dos attacks set to 0;
(3), Netdev_max_backlog: Set when the individual interface to receive packets faster than the kernel processing speed to allow the largest packet sequence, the default is 300;
(4), Optmem_max: Set the maximum grant cache size for each socket;
(5), Rmem_default: Set the default cache size (bytes) for receiving sockets;
(6), Rmem_max: Set the maximum cache size (bytes) for receiving sockets;
(7), Wmem_default: Set the socket default cache size (bytes) sent;
(8), Wmem_max: Set the maximum cache size (bytes) sent by the socket.