More ip rules

src/freedombone-utils-firewall

@@ -160,6 +160,24 @@ function configure_internet_protocol {
         echo 'net.ipv4.tcp_keepalive_intvl = 75' >> /etc/sysctl.conf
         echo 'net.ipv4.tcp_keepalive_time = 7200' >> /etc/sysctl.conf
     fi
+    if ! grep -q "net.ipv4.conf.default.send_redirects" /etc/sysctl.conf; then
+        echo "net.ipv4.conf.default.send_redirects = 0" >> /etc/sysctl.conf
+    else
+        sed -i "s|#net.ipv4.conf.default.send_redirects.*|net.ipv4.conf.default.send_redirects = 0|g" /etc/sysctl.conf
+        sed -i "s|net.ipv4.conf.default.send_redirects.*|net.ipv4.conf.default.send_redirects = 0|g" /etc/sysctl.conf
+    fi
+    if ! grep -q "net.ipv4.conf.all.secure_redirects" /etc/sysctl.conf; then
+        echo "net.ipv4.conf.all.secure_redirects = 0" >> /etc/sysctl.conf
+    else
+        sed -i "s|#net.ipv4.conf.all.secure_redirects.*|net.ipv4.conf.all.secure_redirects = 0|g" /etc/sysctl.conf
+        sed -i "s|net.ipv4.conf.all.secure_redirects.*|net.ipv4.conf.all.secure_redirects = 0|g" /etc/sysctl.conf
+    fi
+    if ! grep -q "net.ipv4.conf.default.accept_source_route" /etc/sysctl.conf; then
+        echo "net.ipv4.conf.default.accept_source_route = 0" >> /etc/sysctl.conf
+    else
+        sed -i "s|#net.ipv4.conf.default.accept_source_route.*|net.ipv4.conf.default.accept_source_route = 0|g" /etc/sysctl.conf
+        sed -i "s|net.ipv4.conf.default.accept_source_route.*|net.ipv4.conf.default.accept_source_route = 0|g" /etc/sysctl.conf
+    fi
     mark_completed $FUNCNAME
 }