Setting kernel parameters with sysctl
The traditional method that you’ll see in older Linux textbooks is to echo a value into a /proc/ parameter. This doesn’t directly work with sudo, so you’ll need to use the bash -c command to force the command to execute. Here, you can see me changing the value for the icmp_echo_ignore_all parameter:
[donnie@localhost ~]$ sudo bash -c "echo '1' > /proc/sys/net/ipv4/icmp_echo_ignore_all"
[donnie@localhost ~]$ cat /proc/sys/net/ipv4/icmp_echo_ignore_all
1
[donnie@localhost ~]$
With the value set to 1, this machine will now ignore all ping packets, regardless of how the firewall is configured. Any value you set like this is temporary and will go back to its default setting when you reboot the machine.
Next in the list after this one is the icmp_echo_ignore_broadcasts setting, which looks like this:
[donnie@localhost ipv4]$ cat icmp_echo_ignore_broadcasts
1
[donnie@localhost ipv4]$
