#增大每个套接字的缓冲区大小net.core.optmem_max = 81920#接收缓冲区大小net.core.rmem_max = 513920#发送缓冲区大小(理想数值是吞吐量*延迟)net.core.wmem_max = 513920#TCP接收缓冲区范围(min dafault max,系统会自动在范围内调整)net.ipv4.tcp_rmem = 4096 87380 16777216#TCP发送缓冲区范围net.ipv4.tcp_wmem = 4096 65536 16777216#UDP缓冲区范围net.ipv4.udp_mem = 188562 251418 377124
#增大每个套接字的缓冲区大小
net.core.optmem_max = 81920
#接收缓冲区大小
net.core.rmem_max = 513920
#发送缓冲区大小(理想数值是吞吐量*延迟)
net.core.wmem_max = 513920
#TCP接收缓冲区范围(min dafault max,系统会自动在范围内调整)
net.ipv4.tcp_rmem = 4096 87380 16777216
#TCP发送缓冲区范围
net.ipv4.tcp_wmem = 4096 65536 16777216
#UDP缓冲区范围
net.ipv4.udp_mem = 188562 251418 377124
#增大TIME_WAIT状态的连接数net.ipv4.tcp_max_tw_buckets = 1048576#连接跟踪表的大小net.netfilter.nf_conntrack_max = 1048576#缩短处于TIME_WAIT状态的超时时间net.ipv4.tcp_fin_timeout = 15#缩短连接跟踪表中处于TIME_WAIT状态连接的超时时间net.netfilter.nf_conntrack_tcp_timeout_time_wait = 30#TIME_WAIT端口重用net.ipv4.tcp_tw_reuse = 1#增大本地端口号范围net.ipv4.ip_local_port_range = 10000 65000#增加进程的句柄数(可在limit.conf配置,ulimit的hard不能大于nr_open)fs.nr_open = 1048576#半连接的最大数量(若启用COOKIEs参数无效)net.ipv4.tcp_max_syn_backlog = 16384#系统级别的全连接队列最大长度net.core.somaxcOnn= 2048#开启syn COOKIEsnet.ipv4.tcp_synCOOKIEs = 1#缩短长连接探测包的时间间隔net.ipv4.tcp_keepalive_intvl = 30#减少keepalive探测包失败的重试次数net.ipv4.tcp_keepalive_probes = 3#缩短探测包间隔时间net.ipv4.tcp_keepalive_time = 600
#增大TIME_WAIT状态的连接数
net.ipv4.tcp_max_tw_buckets = 1048576
#连接跟踪表的大小
net.netfilter.nf_conntrack_max = 1048576
#缩短处于TIME_WAIT状态的超时时间
net.ipv4.tcp_fin_timeout = 15
#缩短连接跟踪表中处于TIME_WAIT状态连接的超时时间
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 30
#TIME_WAIT端口重用
net.ipv4.tcp_tw_reuse = 1
#增大本地端口号范围
net.ipv4.ip_local_port_range = 10000 65000
#增加进程的句柄数(可在limit.conf配置,ulimit的hard不能大于nr_open)
fs.nr_open = 1048576
#半连接的最大数量(若启用COOKIEs参数无效)
net.ipv4.tcp_max_syn_backlog = 16384
#系统级别的全连接队列最大长度
net.core.somaxcOnn= 2048
#开启syn COOKIEs
net.ipv4.tcp_synCOOKIEs = 1
#缩短长连接探测包的时间间隔
net.ipv4.tcp_keepalive_intvl = 30
#减少keepalive探测包失败的重试次数
net.ipv4.tcp_keepalive_probes = 3
#缩短探测包间隔时间
net.ipv4.tcp_keepalive_time = 600
#关闭路由转发,如果是NAT记得开启 net.ipv4.ip_forward = 0 #禁ping net.ipv4.icmp_echo_ignore_all = 1 #开启数据包的反向地址校验 net.ipv4.conf.default.rp_filter = 1
#关闭路由转发,如果是NAT记得开启
net.ipv4.ip_forward = 0
#禁ping
net.ipv4.icmp_echo_ignore_all = 1
#开启数据包的反向地址校验
net.ipv4.conf.default.rp_filter = 1
部分内容来自网络,如有侵权请联系作者删除。
![[BUUCTF] xman_2019_nooocall](https://img2.php1.cn/3cdc5/371d/ae9/2e35784b3f764b13.png)
京公网安备 11010802041100号