Find the answer to your Linux question:
Results 1 to 2 of 2
what does these scripts means if it is in the /etc/rc.local #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Mar 2008
    Posts
    70

    what does these scripts means


    what does these scripts means if it is in the /etc/rc.local


    #!/bin/sh
    #
    # This script will be executed *after* all the other init scripts.
    # You can put your own initialization stuff in here if you don't
    # want to do the full Sys V style init stuff.

    sysctl -w fs.file-max=6553550
    sleep 1
    echo 1310720 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
    echo 1310720 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
    echo 1310720 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
    echo 1310720 > /proc/sys/net/ipv4/ip_conntrack_max
    echo 1 > /proc/sys/net/ipv4/tcp_syncookies

  2. #2
    Linux User nalg0rath's Avatar
    Join Date
    Sep 2004
    Location
    Stockholm
    Posts
    303
    Code:
    sysctl -w fs.file-max=6553550
    Sets the maximum number of file handlers that the kernel will handle to 6553550 files.

    Code:
    sleep 1
    Pauses script execution for one second.

    Code:
    echo 1310720 > /proc/sys/net/ipv4/neigh/default/gc_thresh{1,2,3}
    Sets the limit of the ARP table (the table that maps MAC addresses to IP-addresses). The ARP table should contain the addresses for LAN where the communication uses the MAC-adress for addressing (while WAN uses IP-address).

    There is some difference in 1, 2, 3 that I don't know - but 3 is the absolute limit.

    Code:
    echo 1310720 > /proc/sys/net/ipv4/ip_conntrack_max
    AFAIK this is used to set the limit of Iptables tracking the connections. Iptables tracks connections so that it may filter connections by tracking the state of connections (so that it might filter connections that change).

    Code:
    echo 1 > /proc/sys/net/ipv4/tcp_syncookie
    Enables TCP_SYNcookies module that prevents SYN-flooding attacks.

    That they are in rc.local means that the settings will be set when you boot. personally I thingk that the settings seems like overkill - you should use settings that fit your needs.

    If you're wondering what the script actually does it passes the output of the program echo (which is the parameters of the echo command) to a proc. Many networking/Iptables settings are set by sending values to in-streams that the processes are listening to. The "sysctl" util is used to set sytem settings (specifically configuring the kernel at runtime).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •