The role of this subdirectory is to report
different kernel parameters, and to allow you to interactively change some
of them. As opposed to all other files in /proc
, some
files in this directory can be written to, but only by
root
.
A list of directories and files would take too long to describe, mostly because the content of the directories are system-dependent and that most files will only be useful for very specialized applications. However, here are two common uses of this subdirectory:
Allow routing: even if the default kernel
from Mandrakelinux is able to route, you must explicitly allow
it to do so. For this, you just have to type the following command as
root
:
$ echo 1 >/proc/sys/net/ipv4/ip_forward
Prevent IP spoofing: IP spoofing consists of making one believe that a packet coming from the outside world comes from the interface by which it arrives. This technique is very commonly used by crackers [30]. You can make the kernel prevent this kind of intrusion. Type:
$ echo 1 >/proc/sys/net/ipv4/conf/all/rp_filter
These changes will only remain in
effect while the system is running. If the system is rebooted,
then the values will go back to their defaults. To reset the
values to something other than the default at boot time, you can
take the commands that you typed at the shell prompt and add them
to /etc/rc.d/rc.local
so that you avoid
typing them each time. Another solution is to modify
/etc/sysctl.conf
, see sysctl.conf(5).