* [PATCH] docs: describe /proc/sys/net/ipv4/ping_group_range
@ 2011-05-18 17:49 Vasiliy Kulikov
0 siblings, 0 replies; only message in thread
From: Vasiliy Kulikov @ 2011-05-18 17:49 UTC (permalink / raw)
To: linux-kernel; +Cc: Randy Dunlap, David S. Miller, linux-doc, linux-kernel
Copied the patch description from c319b4d76b9e with minor
formatting changes.
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
---
Documentation/networking/ip-sysctl.txt | 17 +++++++++++++++++
1 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index d3d653a..3e119d9 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -717,6 +717,23 @@ icmp_errors_use_inbound_ifaddr - BOOLEAN
Default: 0
+ping_group_range - vector of 2 INTEGERs: min, max
+ Specify the group range allowed to create non-raw icmp sockets.
+
+ Possible applications:
+
+ 1 0 (default) - nobody (not even root) may create ping sockets.
+
+ 100 100 - grant permissions to the single group to either make
+ /sbin/ping sgid'ed and owned by this group or to grant permissions
+ to the "netadmins" group.
+
+ 0 4294967295 - enable it for the world.
+
+ 100 4294967295 - enable it for the users, but not daemons.
+
+ Default: 1 0
+
igmp_max_memberships - INTEGER
Change the maximum number of multicast groups we can subscribe to.
Default: 20
--
1.7.0.4
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2011-05-18 17:50 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-18 17:49 [PATCH] docs: describe /proc/sys/net/ipv4/ping_group_range Vasiliy Kulikov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox