aboutsummaryrefslogtreecommitdiffstats
path: root/Documentation/filesystems/proc.txt
diff options
context:
space:
mode:
Diffstat (limited to 'Documentation/filesystems/proc.txt')
-rw-r--r--Documentation/filesystems/proc.txt1097
1 files changed, 28 insertions, 1069 deletions
diff --git a/Documentation/filesystems/proc.txt b/Documentation/filesystems/proc.txt
index efc4fd9f40ce..ce84cfc9eae0 100644
--- a/Documentation/filesystems/proc.txt
+++ b/Documentation/filesystems/proc.txt
@@ -5,6 +5,7 @@
5 Bodo Bauer <bb@ricochet.net> 5 Bodo Bauer <bb@ricochet.net>
6 6
72.4.x update Jorge Nerin <comandante@zaralinux.com> November 14 2000 72.4.x update Jorge Nerin <comandante@zaralinux.com> November 14 2000
8move /proc/sys Shen Feng <shen@cn.fujitsu.com> April 1 2009
8------------------------------------------------------------------------------ 9------------------------------------------------------------------------------
9Version 1.3 Kernel version 2.2.12 10Version 1.3 Kernel version 2.2.12
10 Kernel version 2.4.0-test11-pre4 11 Kernel version 2.4.0-test11-pre4
@@ -26,25 +27,17 @@ Table of Contents
26 1.6 Parallel port info in /proc/parport 27 1.6 Parallel port info in /proc/parport
27 1.7 TTY info in /proc/tty 28 1.7 TTY info in /proc/tty
28 1.8 Miscellaneous kernel statistics in /proc/stat 29 1.8 Miscellaneous kernel statistics in /proc/stat
30 1.9 Ext4 file system parameters
29 31
30 2 Modifying System Parameters 32 2 Modifying System Parameters
31 2.1 /proc/sys/fs - File system data 33
32 2.2 /proc/sys/fs/binfmt_misc - Miscellaneous binary formats 34 3 Per-Process Parameters
33 2.3 /proc/sys/kernel - general kernel parameters 35 3.1 /proc/<pid>/oom_adj - Adjust the oom-killer score
34 2.4 /proc/sys/vm - The virtual memory subsystem 36 3.2 /proc/<pid>/oom_score - Display current oom-killer score
35 2.5 /proc/sys/dev - Device specific parameters 37 3.3 /proc/<pid>/io - Display the IO accounting fields
36 2.6 /proc/sys/sunrpc - Remote procedure calls 38 3.4 /proc/<pid>/coredump_filter - Core dump filtering settings
37 2.7 /proc/sys/net - Networking stuff 39 3.5 /proc/<pid>/mountinfo - Information about mounts
38 2.8 /proc/sys/net/ipv4 - IPV4 settings 40
39 2.9 Appletalk
40 2.10 IPX
41 2.11 /proc/sys/fs/mqueue - POSIX message queues filesystem
42 2.12 /proc/<pid>/oom_adj - Adjust the oom-killer score
43 2.13 /proc/<pid>/oom_score - Display current oom-killer score
44 2.14 /proc/<pid>/io - Display the IO accounting fields
45 2.15 /proc/<pid>/coredump_filter - Core dump filtering settings
46 2.16 /proc/<pid>/mountinfo - Information about mounts
47 2.17 /proc/sys/fs/epoll - Configuration options for the epoll interface
48 41
49------------------------------------------------------------------------------ 42------------------------------------------------------------------------------
50Preface 43Preface
@@ -990,1021 +983,24 @@ review the kernel documentation in the directory /usr/src/linux/Documentation.
990This chapter is heavily based on the documentation included in the pre 2.2 983This chapter is heavily based on the documentation included in the pre 2.2
991kernels, and became part of it in version 2.2.1 of the Linux kernel. 984kernels, and became part of it in version 2.2.1 of the Linux kernel.
992 985
9932.1 /proc/sys/fs - File system data 986Please see: Documentation/sysctls/ directory for descriptions of these
994-----------------------------------
995
996This subdirectory contains specific file system, file handle, inode, dentry
997and quota information.
998
999Currently, these files are in /proc/sys/fs:
1000
1001dentry-state
1002------------
1003
1004Status of the directory cache. Since directory entries are dynamically
1005allocated and deallocated, this file indicates the current status. It holds
1006six values, in which the last two are not used and are always zero. The others
1007are listed in table 2-1.
1008
1009
1010Table 2-1: Status files of the directory cache
1011..............................................................................
1012 File Content
1013 nr_dentry Almost always zero
1014 nr_unused Number of unused cache entries
1015 age_limit
1016 in seconds after the entry may be reclaimed, when memory is short
1017 want_pages internally
1018..............................................................................
1019
1020dquot-nr and dquot-max
1021----------------------
1022
1023The file dquot-max shows the maximum number of cached disk quota entries.
1024
1025The file dquot-nr shows the number of allocated disk quota entries and the
1026number of free disk quota entries.
1027
1028If the number of available cached disk quotas is very low and you have a large
1029number of simultaneous system users, you might want to raise the limit.
1030
1031file-nr and file-max
1032--------------------
1033
1034The kernel allocates file handles dynamically, but doesn't free them again at
1035this time.
1036
1037The value in file-max denotes the maximum number of file handles that the
1038Linux kernel will allocate. When you get a lot of error messages about running
1039out of file handles, you might want to raise this limit. The default value is
104010% of RAM in kilobytes. To change it, just write the new number into the
1041file:
1042
1043 # cat /proc/sys/fs/file-max
1044 4096
1045 # echo 8192 > /proc/sys/fs/file-max
1046 # cat /proc/sys/fs/file-max
1047 8192
1048
1049
1050This method of revision is useful for all customizable parameters of the
1051kernel - simply echo the new value to the corresponding file.
1052
1053Historically, the three values in file-nr denoted the number of allocated file
1054handles, the number of allocated but unused file handles, and the maximum
1055number of file handles. Linux 2.6 always reports 0 as the number of free file
1056handles -- this is not an error, it just means that the number of allocated
1057file handles exactly matches the number of used file handles.
1058
1059Attempts to allocate more file descriptors than file-max are reported with
1060printk, look for "VFS: file-max limit <number> reached".
1061
1062inode-state and inode-nr
1063------------------------
1064
1065The file inode-nr contains the first two items from inode-state, so we'll skip
1066to that file...
1067
1068inode-state contains two actual numbers and five dummy values. The numbers
1069are nr_inodes and nr_free_inodes (in order of appearance).
1070
1071nr_inodes
1072~~~~~~~~~
1073
1074Denotes the number of inodes the system has allocated. This number will
1075grow and shrink dynamically.
1076
1077nr_open
1078-------
1079
1080Denotes the maximum number of file-handles a process can
1081allocate. Default value is 1024*1024 (1048576) which should be
1082enough for most machines. Actual limit depends on RLIMIT_NOFILE
1083resource limit.
1084
1085nr_free_inodes
1086--------------
1087
1088Represents the number of free inodes. Ie. The number of inuse inodes is
1089(nr_inodes - nr_free_inodes).
1090
1091aio-nr and aio-max-nr
1092---------------------
1093
1094aio-nr is the running total of the number of events specified on the
1095io_setup system call for all currently active aio contexts. If aio-nr
1096reaches aio-max-nr then io_setup will fail with EAGAIN. Note that
1097raising aio-max-nr does not result in the pre-allocation or re-sizing
1098of any kernel data structures.
1099
11002.2 /proc/sys/fs/binfmt_misc - Miscellaneous binary formats
1101-----------------------------------------------------------
1102
1103Besides these files, there is the subdirectory /proc/sys/fs/binfmt_misc. This
1104handles the kernel support for miscellaneous binary formats.
1105
1106Binfmt_misc provides the ability to register additional binary formats to the
1107Kernel without compiling an additional module/kernel. Therefore, binfmt_misc
1108needs to know magic numbers at the beginning or the filename extension of the
1109binary.
1110
1111It works by maintaining a linked list of structs that contain a description of
1112a binary format, including a magic with size (or the filename extension),
1113offset and mask, and the interpreter name. On request it invokes the given
1114interpreter with the original program as argument, as binfmt_java and
1115binfmt_em86 and binfmt_mz do. Since binfmt_misc does not define any default
1116binary-formats, you have to register an additional binary-format.
1117
1118There are two general files in binfmt_misc and one file per registered format.
1119The two general files are register and status.
1120
1121Registering a new binary format
1122-------------------------------
1123
1124To register a new binary format you have to issue the command
1125
1126 echo :name:type:offset:magic:mask:interpreter: > /proc/sys/fs/binfmt_misc/register
1127
1128
1129
1130with appropriate name (the name for the /proc-dir entry), offset (defaults to
11310, if omitted), magic, mask (which can be omitted, defaults to all 0xff) and
1132last but not least, the interpreter that is to be invoked (for example and
1133testing /bin/echo). Type can be M for usual magic matching or E for filename
1134extension matching (give extension in place of magic).
1135
1136Check or reset the status of the binary format handler
1137------------------------------------------------------
1138
1139If you do a cat on the file /proc/sys/fs/binfmt_misc/status, you will get the
1140current status (enabled/disabled) of binfmt_misc. Change the status by echoing
11410 (disables) or 1 (enables) or -1 (caution: this clears all previously
1142registered binary formats) to status. For example echo 0 > status to disable
1143binfmt_misc (temporarily).
1144
1145Status of a single handler
1146--------------------------
1147
1148Each registered handler has an entry in /proc/sys/fs/binfmt_misc. These files
1149perform the same function as status, but their scope is limited to the actual
1150binary format. By cating this file, you also receive all related information
1151about the interpreter/magic of the binfmt.
1152
1153Example usage of binfmt_misc (emulate binfmt_java)
1154--------------------------------------------------
1155
1156 cd /proc/sys/fs/binfmt_misc
1157 echo ':Java:M::\xca\xfe\xba\xbe::/usr/local/java/bin/javawrapper:' > register
1158 echo ':HTML:E::html::/usr/local/java/bin/appletviewer:' > register
1159 echo ':Applet:M::<!--applet::/usr/local/java/bin/appletviewer:' > register
1160 echo ':DEXE:M::\x0eDEX::/usr/bin/dosexec:' > register
1161
1162
1163These four lines add support for Java executables and Java applets (like
1164binfmt_java, additionally recognizing the .html extension with no need to put
1165<!--applet> to every applet file). You have to install the JDK and the
1166shell-script /usr/local/java/bin/javawrapper too. It works around the
1167brokenness of the Java filename handling. To add a Java binary, just create a
1168link to the class-file somewhere in the path.
1169
11702.3 /proc/sys/kernel - general kernel parameters
1171------------------------------------------------
1172
1173This directory reflects general kernel behaviors. As I've said before, the
1174contents depend on your configuration. Here you'll find the most important
1175files, along with descriptions of what they mean and how to use them.
1176
1177acct
1178----
1179
1180The file contains three values; highwater, lowwater, and frequency.
1181
1182It exists only when BSD-style process accounting is enabled. These values
1183control its behavior. If the free space on the file system where the log lives
1184goes below lowwater percentage, accounting suspends. If it goes above
1185highwater percentage, accounting resumes. Frequency determines how often you
1186check the amount of free space (value is in seconds). Default settings are: 4,
11872, and 30. That is, suspend accounting if there is less than 2 percent free;
1188resume it if we have a value of 3 or more percent; consider information about
1189the amount of free space valid for 30 seconds
1190
1191ctrl-alt-del
1192------------
1193
1194When the value in this file is 0, ctrl-alt-del is trapped and sent to the init
1195program to handle a graceful restart. However, when the value is greater that
1196zero, Linux's reaction to this key combination will be an immediate reboot,
1197without syncing its dirty buffers.
1198
1199[NOTE]
1200 When a program (like dosemu) has the keyboard in raw mode, the
1201 ctrl-alt-del is intercepted by the program before it ever reaches the
1202 kernel tty layer, and it is up to the program to decide what to do with
1203 it.
1204
1205domainname and hostname
1206-----------------------
1207
1208These files can be controlled to set the NIS domainname and hostname of your
1209box. For the classic darkstar.frop.org a simple:
1210
1211 # echo "darkstar" > /proc/sys/kernel/hostname
1212 # echo "frop.org" > /proc/sys/kernel/domainname
1213
1214
1215would suffice to set your hostname and NIS domainname.
1216
1217osrelease, ostype and version
1218-----------------------------
1219
1220The names make it pretty obvious what these fields contain:
1221
1222 > cat /proc/sys/kernel/osrelease
1223 2.2.12
1224
1225 > cat /proc/sys/kernel/ostype
1226 Linux
1227
1228 > cat /proc/sys/kernel/version
1229 #4 Fri Oct 1 12:41:14 PDT 1999
1230
1231
1232The files osrelease and ostype should be clear enough. Version needs a little
1233more clarification. The #4 means that this is the 4th kernel built from this
1234source base and the date after it indicates the time the kernel was built. The
1235only way to tune these values is to rebuild the kernel.
1236
1237panic
1238-----
1239
1240The value in this file represents the number of seconds the kernel waits
1241before rebooting on a panic. When you use the software watchdog, the
1242recommended setting is 60. If set to 0, the auto reboot after a kernel panic
1243is disabled, which is the default setting.
1244
1245printk
1246------
1247
1248The four values in printk denote
1249* console_loglevel,
1250* default_message_loglevel,
1251* minimum_console_loglevel and
1252* default_console_loglevel
1253respectively.
1254
1255These values influence printk() behavior when printing or logging error
1256messages, which come from inside the kernel. See syslog(2) for more
1257information on the different log levels.
1258
1259console_loglevel
1260----------------
1261
1262Messages with a higher priority than this will be printed to the console.
1263
1264default_message_level
1265---------------------
1266
1267Messages without an explicit priority will be printed with this priority.
1268
1269minimum_console_loglevel
1270------------------------
1271
1272Minimum (highest) value to which the console_loglevel can be set.
1273
1274default_console_loglevel
1275------------------------
1276
1277Default value for console_loglevel.
1278
1279sg-big-buff
1280-----------
1281
1282This file shows the size of the generic SCSI (sg) buffer. At this point, you
1283can't tune it yet, but you can change it at compile time by editing
1284include/scsi/sg.h and changing the value of SG_BIG_BUFF.
1285
1286If you use a scanner with SANE (Scanner Access Now Easy) you might want to set
1287this to a higher value. Refer to the SANE documentation on this issue.
1288
1289modprobe
1290--------
1291
1292The location where the modprobe binary is located. The kernel uses this
1293program to load modules on demand.
1294
1295unknown_nmi_panic
1296-----------------
1297
1298The value in this file affects behavior of handling NMI. When the value is
1299non-zero, unknown NMI is trapped and then panic occurs. At that time, kernel
1300debugging information is displayed on console.
1301
1302NMI switch that most IA32 servers have fires unknown NMI up, for example.
1303If a system hangs up, try pressing the NMI switch.
1304
1305panic_on_unrecovered_nmi
1306------------------------
1307
1308The default Linux behaviour on an NMI of either memory or unknown is to continue
1309operation. For many environments such as scientific computing it is preferable
1310that the box is taken out and the error dealt with than an uncorrected
1311parity/ECC error get propogated.
1312
1313A small number of systems do generate NMI's for bizarre random reasons such as
1314power management so the default is off. That sysctl works like the existing
1315panic controls already in that directory.
1316
1317nmi_watchdog
1318------------
1319
1320Enables/Disables the NMI watchdog on x86 systems. When the value is non-zero
1321the NMI watchdog is enabled and will continuously test all online cpus to
1322determine whether or not they are still functioning properly. Currently,
1323passing "nmi_watchdog=" parameter at boot time is required for this function
1324to work.
1325
1326If LAPIC NMI watchdog method is in use (nmi_watchdog=2 kernel parameter), the
1327NMI watchdog shares registers with oprofile. By disabling the NMI watchdog,
1328oprofile may have more registers to utilize.
1329
1330msgmni
1331------
1332
1333Maximum number of message queue ids on the system.
1334This value scales to the amount of lowmem. It is automatically recomputed
1335upon memory add/remove or ipc namespace creation/removal.
1336When a value is written into this file, msgmni's value becomes fixed, i.e. it
1337is not recomputed anymore when one of the above events occurs.
1338Use auto_msgmni to change this behavior.
1339
1340auto_msgmni
1341-----------
1342
1343Enables/Disables automatic recomputing of msgmni upon memory add/remove or
1344upon ipc namespace creation/removal (see the msgmni description above).
1345Echoing "1" into this file enables msgmni automatic recomputing.
1346Echoing "0" turns it off.
1347auto_msgmni default value is 1.
1348
1349
13502.4 /proc/sys/vm - The virtual memory subsystem
1351-----------------------------------------------
1352
1353Please see: Documentation/sysctls/vm.txt for a description of these
1354entries. 987entries.
1355 988
989------------------------------------------------------------------------------
990Summary
991------------------------------------------------------------------------------
992Certain aspects of kernel behavior can be modified at runtime, without the
993need to recompile the kernel, or even to reboot the system. The files in the
994/proc/sys tree can not only be read, but also modified. You can use the echo
995command to write value into these files, thereby changing the default settings
996of the kernel.
997------------------------------------------------------------------------------
1356 998
13572.5 /proc/sys/dev - Device specific parameters 999------------------------------------------------------------------------------
1358---------------------------------------------- 1000CHAPTER 3: PER-PROCESS PARAMETERS
1359 1001------------------------------------------------------------------------------
1360Currently there is only support for CDROM drives, and for those, there is only
1361one read-only file containing information about the CD-ROM drives attached to
1362the system:
1363
1364 >cat /proc/sys/dev/cdrom/info
1365 CD-ROM information, Id: cdrom.c 2.55 1999/04/25
1366
1367 drive name: sr0 hdb
1368 drive speed: 32 40
1369 drive # of slots: 1 0
1370 Can close tray: 1 1
1371 Can open tray: 1 1
1372 Can lock tray: 1 1
1373 Can change speed: 1 1
1374 Can select disk: 0 1
1375 Can read multisession: 1 1
1376 Can read MCN: 1 1
1377 Reports media changed: 1 1
1378 Can play audio: 1 1
1379
1380
1381You see two drives, sr0 and hdb, along with a list of their features.
1382
13832.6 /proc/sys/sunrpc - Remote procedure calls
1384---------------------------------------------
1385
1386This directory contains four files, which enable or disable debugging for the
1387RPC functions NFS, NFS-daemon, RPC and NLM. The default values are 0. They can
1388be set to one to turn debugging on. (The default value is 0 for each)
1389
13902.7 /proc/sys/net - Networking stuff
1391------------------------------------
1392
1393The interface to the networking parts of the kernel is located in
1394/proc/sys/net. Table 2-3 shows all possible subdirectories. You may see only
1395some of them, depending on your kernel's configuration.
1396
1397
1398Table 2-3: Subdirectories in /proc/sys/net
1399..............................................................................
1400 Directory Content Directory Content
1401 core General parameter appletalk Appletalk protocol
1402 unix Unix domain sockets netrom NET/ROM
1403 802 E802 protocol ax25 AX25
1404 ethernet Ethernet protocol rose X.25 PLP layer
1405 ipv4 IP version 4 x25 X.25 protocol
1406 ipx IPX token-ring IBM token ring
1407 bridge Bridging decnet DEC net
1408 ipv6 IP version 6
1409..............................................................................
1410
1411We will concentrate on IP networking here. Since AX15, X.25, and DEC Net are
1412only minor players in the Linux world, we'll skip them in this chapter. You'll
1413find some short info on Appletalk and IPX further on in this chapter. Review
1414the online documentation and the kernel source to get a detailed view of the
1415parameters for those protocols. In this section we'll discuss the
1416subdirectories printed in bold letters in the table above. As default values
1417are suitable for most needs, there is no need to change these values.
1418
1419/proc/sys/net/core - Network core options
1420-----------------------------------------
1421
1422rmem_default
1423------------
1424
1425The default setting of the socket receive buffer in bytes.
1426
1427rmem_max
1428--------
1429
1430The maximum receive socket buffer size in bytes.
1431
1432wmem_default
1433------------
1434
1435The default setting (in bytes) of the socket send buffer.
1436
1437wmem_max
1438--------
1439
1440The maximum send socket buffer size in bytes.
1441
1442message_burst and message_cost
1443------------------------------
1444
1445These parameters are used to limit the warning messages written to the kernel
1446log from the networking code. They enforce a rate limit to make a
1447denial-of-service attack impossible. A higher message_cost factor, results in
1448fewer messages that will be written. Message_burst controls when messages will
1449be dropped. The default settings limit warning messages to one every five
1450seconds.
1451
1452warnings
1453--------
1454
1455This controls console messages from the networking stack that can occur because
1456of problems on the network like duplicate address or bad checksums. Normally,
1457this should be enabled, but if the problem persists the messages can be
1458disabled.
1459
1460netdev_budget
1461-------------
1462
1463Maximum number of packets taken from all interfaces in one polling cycle (NAPI
1464poll). In one polling cycle interfaces which are registered to polling are
1465probed in a round-robin manner. The limit of packets in one such probe can be
1466set per-device via sysfs class/net/<device>/weight .
1467
1468netdev_max_backlog
1469------------------
1470
1471Maximum number of packets, queued on the INPUT side, when the interface
1472receives packets faster than kernel can process them.
1473
1474optmem_max
1475----------
1476
1477Maximum ancillary buffer size allowed per socket. Ancillary data is a sequence
1478of struct cmsghdr structures with appended data.
1479
1480/proc/sys/net/unix - Parameters for Unix domain sockets
1481-------------------------------------------------------
1482
1483There are only two files in this subdirectory. They control the delays for
1484deleting and destroying socket descriptors.
1485
14862.8 /proc/sys/net/ipv4 - IPV4 settings
1487--------------------------------------
1488
1489IP version 4 is still the most used protocol in Unix networking. It will be
1490replaced by IP version 6 in the next couple of years, but for the moment it's
1491the de facto standard for the internet and is used in most networking
1492environments around the world. Because of the importance of this protocol,
1493we'll have a deeper look into the subtree controlling the behavior of the IPv4
1494subsystem of the Linux kernel.
1495
1496Let's start with the entries in /proc/sys/net/ipv4.
1497
1498ICMP settings
1499-------------
1500
1501icmp_echo_ignore_all and icmp_echo_ignore_broadcasts
1502----------------------------------------------------
1503
1504Turn on (1) or off (0), if the kernel should ignore all ICMP ECHO requests, or
1505just those to broadcast and multicast addresses.
1506
1507Please note that if you accept ICMP echo requests with a broadcast/multi\-cast
1508destination address your network may be used as an exploder for denial of
1509service packet flooding attacks to other hosts.
1510
1511icmp_destunreach_rate, icmp_echoreply_rate, icmp_paramprob_rate and icmp_timeexeed_rate
1512---------------------------------------------------------------------------------------
1513
1514Sets limits for sending ICMP packets to specific targets. A value of zero
1515disables all limiting. Any positive value sets the maximum package rate in
1516hundredth of a second (on Intel systems).
1517
1518IP settings
1519-----------
1520
1521ip_autoconfig
1522-------------
1523
1524This file contains the number one if the host received its IP configuration by
1525RARP, BOOTP, DHCP or a similar mechanism. Otherwise it is zero.
1526
1527ip_default_ttl
1528--------------
1529
1530TTL (Time To Live) for IPv4 interfaces. This is simply the maximum number of
1531hops a packet may travel.
1532
1533ip_dynaddr
1534----------
1535
1536Enable dynamic socket address rewriting on interface address change. This is
1537useful for dialup interface with changing IP addresses.
1538
1539ip_forward
1540----------
1541
1542Enable or disable forwarding of IP packages between interfaces. Changing this
1543value resets all other parameters to their default values. They differ if the
1544kernel is configured as host or router.
1545
1546ip_local_port_range
1547-------------------
1548
1549Range of ports used by TCP and UDP to choose the local port. Contains two
1550numbers, the first number is the lowest port, the second number the highest
1551local port. Default is 1024-4999. Should be changed to 32768-61000 for
1552high-usage systems.
1553
1554ip_no_pmtu_disc
1555---------------
1556
1557Global switch to turn path MTU discovery off. It can also be set on a per
1558socket basis by the applications or on a per route basis.
1559
1560ip_masq_debug
1561-------------
1562
1563Enable/disable debugging of IP masquerading.
1564
1565IP fragmentation settings
1566-------------------------
1567
1568ipfrag_high_trash and ipfrag_low_trash
1569--------------------------------------
1570
1571Maximum memory used to reassemble IP fragments. When ipfrag_high_thresh bytes
1572of memory is allocated for this purpose, the fragment handler will toss
1573packets until ipfrag_low_thresh is reached.
1574
1575ipfrag_time
1576-----------
1577
1578Time in seconds to keep an IP fragment in memory.
1579
1580TCP settings
1581------------
1582
1583tcp_ecn
1584-------
1585
1586This file controls the use of the ECN bit in the IPv4 headers. This is a new
1587feature about Explicit Congestion Notification, but some routers and firewalls
1588block traffic that has this bit set, so it could be necessary to echo 0 to
1589/proc/sys/net/ipv4/tcp_ecn if you want to talk to these sites. For more info
1590you could read RFC2481.
1591
1592tcp_retrans_collapse
1593--------------------
1594
1595Bug-to-bug compatibility with some broken printers. On retransmit, try to send
1596larger packets to work around bugs in certain TCP stacks. Can be turned off by
1597setting it to zero.
1598
1599tcp_keepalive_probes
1600--------------------
1601
1602Number of keep alive probes TCP sends out, until it decides that the
1603connection is broken.
1604
1605tcp_keepalive_time
1606------------------
1607
1608How often TCP sends out keep alive messages, when keep alive is enabled. The
1609default is 2 hours.
1610
1611tcp_syn_retries
1612---------------
1613
1614Number of times initial SYNs for a TCP connection attempt will be
1615retransmitted. Should not be higher than 255. This is only the timeout for
1616outgoing connections, for incoming connections the number of retransmits is
1617defined by tcp_retries1.
1618
1619tcp_sack
1620--------
1621
1622Enable select acknowledgments after RFC2018.
1623
1624tcp_timestamps
1625--------------
1626
1627Enable timestamps as defined in RFC1323.
1628
1629tcp_stdurg
1630----------
1631
1632Enable the strict RFC793 interpretation of the TCP urgent pointer field. The
1633default is to use the BSD compatible interpretation of the urgent pointer
1634pointing to the first byte after the urgent data. The RFC793 interpretation is
1635to have it point to the last byte of urgent data. Enabling this option may
1636lead to interoperability problems. Disabled by default.
1637
1638tcp_syncookies
1639--------------
1640
1641Only valid when the kernel was compiled with CONFIG_SYNCOOKIES. Send out
1642syncookies when the syn backlog queue of a socket overflows. This is to ward
1643off the common 'syn flood attack'. Disabled by default.
1644
1645Note that the concept of a socket backlog is abandoned. This means the peer
1646may not receive reliable error messages from an over loaded server with
1647syncookies enabled.
1648
1649tcp_window_scaling
1650------------------
1651
1652Enable window scaling as defined in RFC1323.
1653
1654tcp_fin_timeout
1655---------------
1656
1657The length of time in seconds it takes to receive a final FIN before the
1658socket is always closed. This is strictly a violation of the TCP
1659specification, but required to prevent denial-of-service attacks.
1660
1661tcp_max_ka_probes
1662-----------------
1663
1664Indicates how many keep alive probes are sent per slow timer run. Should not
1665be set too high to prevent bursts.
1666
1667tcp_max_syn_backlog
1668-------------------
1669
1670Length of the per socket backlog queue. Since Linux 2.2 the backlog specified
1671in listen(2) only specifies the length of the backlog queue of already
1672established sockets. When more connection requests arrive Linux starts to drop
1673packets. When syncookies are enabled the packets are still answered and the
1674maximum queue is effectively ignored.
1675
1676tcp_retries1
1677------------
1678
1679Defines how often an answer to a TCP connection request is retransmitted
1680before giving up.
1681
1682tcp_retries2
1683------------
1684
1685Defines how often a TCP packet is retransmitted before giving up.
1686
1687Interface specific settings
1688---------------------------
1689
1690In the directory /proc/sys/net/ipv4/conf you'll find one subdirectory for each
1691interface the system knows about and one directory calls all. Changes in the
1692all subdirectory affect all interfaces, whereas changes in the other
1693subdirectories affect only one interface. All directories have the same
1694entries:
1695
1696accept_redirects
1697----------------
1698
1699This switch decides if the kernel accepts ICMP redirect messages or not. The
1700default is 'yes' if the kernel is configured for a regular host and 'no' for a
1701router configuration.
1702
1703accept_source_route
1704-------------------
1705
1706Should source routed packages be accepted or declined. The default is
1707dependent on the kernel configuration. It's 'yes' for routers and 'no' for
1708hosts.
1709
1710bootp_relay
1711~~~~~~~~~~~
1712
1713Accept packets with source address 0.b.c.d with destinations not to this host
1714as local ones. It is supposed that a BOOTP relay daemon will catch and forward
1715such packets.
1716
1717The default is 0, since this feature is not implemented yet (kernel version
17182.2.12).
1719
1720forwarding
1721----------
1722
1723Enable or disable IP forwarding on this interface.
1724
1725log_martians
1726------------
1727
1728Log packets with source addresses with no known route to kernel log.
1729
1730mc_forwarding
1731-------------
1732
1733Do multicast routing. The kernel needs to be compiled with CONFIG_MROUTE and a
1734multicast routing daemon is required.
1735
1736proxy_arp
1737---------
1738
1739Does (1) or does not (0) perform proxy ARP.
1740
1741rp_filter
1742---------
1743
1744Integer value determines if a source validation should be made. 1 means yes, 0
1745means no. Disabled by default, but local/broadcast address spoofing is always
1746on.
1747
1748If you set this to 1 on a router that is the only connection for a network to
1749the net, it will prevent spoofing attacks against your internal networks
1750(external addresses can still be spoofed), without the need for additional
1751firewall rules.
1752
1753secure_redirects
1754----------------
1755
1756Accept ICMP redirect messages only for gateways, listed in default gateway
1757list. Enabled by default.
1758
1759shared_media
1760------------
1761
1762If it is not set the kernel does not assume that different subnets on this
1763device can communicate directly. Default setting is 'yes'.
1764
1765send_redirects
1766--------------
1767
1768Determines whether to send ICMP redirects to other hosts.
1769
1770Routing settings
1771----------------
1772
1773The directory /proc/sys/net/ipv4/route contains several file to control
1774routing issues.
1775
1776error_burst and error_cost
1777--------------------------
1778
1779These parameters are used to limit how many ICMP destination unreachable to
1780send from the host in question. ICMP destination unreachable messages are
1781sent when we cannot reach the next hop while trying to transmit a packet.
1782It will also print some error messages to kernel logs if someone is ignoring
1783our ICMP redirects. The higher the error_cost factor is, the fewer
1784destination unreachable and error messages will be let through. Error_burst
1785controls when destination unreachable messages and error messages will be
1786dropped. The default settings limit warning messages to five every second.
1787
1788flush
1789-----
1790
1791Writing to this file results in a flush of the routing cache.
1792
1793gc_elasticity, gc_interval, gc_min_interval_ms, gc_timeout, gc_thresh
1794---------------------------------------------------------------------
1795
1796Values to control the frequency and behavior of the garbage collection
1797algorithm for the routing cache. gc_min_interval is deprecated and replaced
1798by gc_min_interval_ms.
1799
1800
1801max_size
1802--------
1803
1804Maximum size of the routing cache. Old entries will be purged once the cache
1805reached has this size.
1806
1807redirect_load, redirect_number
1808------------------------------
1809
1810Factors which determine if more ICPM redirects should be sent to a specific
1811host. No redirects will be sent once the load limit or the maximum number of
1812redirects has been reached.
1813
1814redirect_silence
1815----------------
1816
1817Timeout for redirects. After this period redirects will be sent again, even if
1818this has been stopped, because the load or number limit has been reached.
1819
1820Network Neighbor handling
1821-------------------------
1822
1823Settings about how to handle connections with direct neighbors (nodes attached
1824to the same link) can be found in the directory /proc/sys/net/ipv4/neigh.
1825
1826As we saw it in the conf directory, there is a default subdirectory which
1827holds the default values, and one directory for each interface. The contents
1828of the directories are identical, with the single exception that the default
1829settings contain additional options to set garbage collection parameters.
1830
1831In the interface directories you'll find the following entries:
1832
1833base_reachable_time, base_reachable_time_ms
1834-------------------------------------------
1835
1836A base value used for computing the random reachable time value as specified
1837in RFC2461.
1838
1839Expression of base_reachable_time, which is deprecated, is in seconds.
1840Expression of base_reachable_time_ms is in milliseconds.
1841
1842retrans_time, retrans_time_ms
1843-----------------------------
1844
1845The time between retransmitted Neighbor Solicitation messages.
1846Used for address resolution and to determine if a neighbor is
1847unreachable.
1848
1849Expression of retrans_time, which is deprecated, is in 1/100 seconds (for
1850IPv4) or in jiffies (for IPv6).
1851Expression of retrans_time_ms is in milliseconds.
1852
1853unres_qlen
1854----------
1855
1856Maximum queue length for a pending arp request - the number of packets which
1857are accepted from other layers while the ARP address is still resolved.
1858
1859anycast_delay
1860-------------
1861
1862Maximum for random delay of answers to neighbor solicitation messages in
1863jiffies (1/100 sec). Not yet implemented (Linux does not have anycast support
1864yet).
1865
1866ucast_solicit
1867-------------
1868
1869Maximum number of retries for unicast solicitation.
1870
1871mcast_solicit
1872-------------
1873
1874Maximum number of retries for multicast solicitation.
1875
1876delay_first_probe_time
1877----------------------
1878
1879Delay for the first time probe if the neighbor is reachable. (see
1880gc_stale_time)
1881
1882locktime
1883--------
1884
1885An ARP/neighbor entry is only replaced with a new one if the old is at least
1886locktime old. This prevents ARP cache thrashing.
1887
1888proxy_delay
1889-----------
1890
1891Maximum time (real time is random [0..proxytime]) before answering to an ARP
1892request for which we have an proxy ARP entry. In some cases, this is used to
1893prevent network flooding.
1894
1895proxy_qlen
1896----------
1897
1898Maximum queue length of the delayed proxy arp timer. (see proxy_delay).
1899
1900app_solicit
1901----------
1902
1903Determines the number of requests to send to the user level ARP daemon. Use 0
1904to turn off.
1905
1906gc_stale_time
1907-------------
1908
1909Determines how often to check for stale ARP entries. After an ARP entry is
1910stale it will be resolved again (which is useful when an IP address migrates
1911to another machine). When ucast_solicit is greater than 0 it first tries to
1912send an ARP packet directly to the known host When that fails and
1913mcast_solicit is greater than 0, an ARP request is broadcasted.
1914
19152.9 Appletalk
1916-------------
1917
1918The /proc/sys/net/appletalk directory holds the Appletalk configuration data
1919when Appletalk is loaded. The configurable parameters are:
1920
1921aarp-expiry-time
1922----------------
1923
1924The amount of time we keep an ARP entry before expiring it. Used to age out
1925old hosts.
1926
1927aarp-resolve-time
1928-----------------
1929
1930The amount of time we will spend trying to resolve an Appletalk address.
1931
1932aarp-retransmit-limit
1933---------------------
1934
1935The number of times we will retransmit a query before giving up.
1936
1937aarp-tick-time
1938--------------
1939
1940Controls the rate at which expires are checked.
1941
1942The directory /proc/net/appletalk holds the list of active Appletalk sockets
1943on a machine.
1944
1945The fields indicate the DDP type, the local address (in network:node format)
1946the remote address, the size of the transmit pending queue, the size of the
1947received queue (bytes waiting for applications to read) the state and the uid
1948owning the socket.
1949
1950/proc/net/atalk_iface lists all the interfaces configured for appletalk.It
1951shows the name of the interface, its Appletalk address, the network range on
1952that address (or network number for phase 1 networks), and the status of the
1953interface.
1954
1955/proc/net/atalk_route lists each known network route. It lists the target
1956(network) that the route leads to, the router (may be directly connected), the
1957route flags, and the device the route is using.
1958
19592.10 IPX
1960--------
1961
1962The IPX protocol has no tunable values in proc/sys/net.
1963
1964The IPX protocol does, however, provide proc/net/ipx. This lists each IPX
1965socket giving the local and remote addresses in Novell format (that is
1966network:node:port). In accordance with the strange Novell tradition,
1967everything but the port is in hex. Not_Connected is displayed for sockets that
1968are not tied to a specific remote address. The Tx and Rx queue sizes indicate
1969the number of bytes pending for transmission and reception. The state
1970indicates the state the socket is in and the uid is the owning uid of the
1971socket.
1972
1973The /proc/net/ipx_interface file lists all IPX interfaces. For each interface
1974it gives the network number, the node number, and indicates if the network is
1975the primary network. It also indicates which device it is bound to (or
1976Internal for internal networks) and the Frame Type if appropriate. Linux
1977supports 802.3, 802.2, 802.2 SNAP and DIX (Blue Book) ethernet framing for
1978IPX.
1979
1980The /proc/net/ipx_route table holds a list of IPX routes. For each route it
1981gives the destination network, the router node (or Directly) and the network
1982address of the router (or Connected) for internal networks.
1983
19842.11 /proc/sys/fs/mqueue - POSIX message queues filesystem
1985----------------------------------------------------------
1986
1987The "mqueue" filesystem provides the necessary kernel features to enable the
1988creation of a user space library that implements the POSIX message queues
1989API (as noted by the MSG tag in the POSIX 1003.1-2001 version of the System
1990Interfaces specification.)
1991
1992The "mqueue" filesystem contains values for determining/setting the amount of
1993resources used by the file system.
1994
1995/proc/sys/fs/mqueue/queues_max is a read/write file for setting/getting the
1996maximum number of message queues allowed on the system.
1997
1998/proc/sys/fs/mqueue/msg_max is a read/write file for setting/getting the
1999maximum number of messages in a queue value. In fact it is the limiting value
2000for another (user) limit which is set in mq_open invocation. This attribute of
2001a queue must be less or equal then msg_max.
2002
2003/proc/sys/fs/mqueue/msgsize_max is a read/write file for setting/getting the
2004maximum message size value (it is every message queue's attribute set during
2005its creation).
2006 1002
20072.12 /proc/<pid>/oom_adj - Adjust the oom-killer score 10033.1 /proc/<pid>/oom_adj - Adjust the oom-killer score
2008------------------------------------------------------ 1004------------------------------------------------------
2009 1005
2010This file can be used to adjust the score used to select which processes 1006This file can be used to adjust the score used to select which processes
@@ -2041,25 +1037,15 @@ The task with the highest badness score is then selected and its children
2041are killed, process itself will be killed in an OOM situation when it does 1037are killed, process itself will be killed in an OOM situation when it does
2042not have children or some of them disabled oom like described above. 1038not have children or some of them disabled oom like described above.
2043 1039
20442.13 /proc/<pid>/oom_score - Display current oom-killer score 10403.2 /proc/<pid>/oom_score - Display current oom-killer score
2045------------------------------------------------------------- 1041-------------------------------------------------------------
2046 1042
2047------------------------------------------------------------------------------
2048This file can be used to check the current score used by the oom-killer is for 1043This file can be used to check the current score used by the oom-killer is for
2049any given <pid>. Use it together with /proc/<pid>/oom_adj to tune which 1044any given <pid>. Use it together with /proc/<pid>/oom_adj to tune which
2050process should be killed in an out-of-memory situation. 1045process should be killed in an out-of-memory situation.
2051 1046
2052------------------------------------------------------------------------------
2053Summary
2054------------------------------------------------------------------------------
2055Certain aspects of kernel behavior can be modified at runtime, without the
2056need to recompile the kernel, or even to reboot the system. The files in the
2057/proc/sys tree can not only be read, but also modified. You can use the echo
2058command to write value into these files, thereby changing the default settings
2059of the kernel.
2060------------------------------------------------------------------------------
2061 1047
20622.14 /proc/<pid>/io - Display the IO accounting fields 10483.3 /proc/<pid>/io - Display the IO accounting fields
2063------------------------------------------------------- 1049-------------------------------------------------------
2064 1050
2065This file contains IO statistics for each running process 1051This file contains IO statistics for each running process
@@ -2161,7 +1147,7 @@ those 64-bit counters, process A could see an intermediate result.
2161More information about this can be found within the taskstats documentation in 1147More information about this can be found within the taskstats documentation in
2162Documentation/accounting. 1148Documentation/accounting.
2163 1149
21642.15 /proc/<pid>/coredump_filter - Core dump filtering settings 11503.4 /proc/<pid>/coredump_filter - Core dump filtering settings
2165--------------------------------------------------------------- 1151---------------------------------------------------------------
2166When a process is dumped, all anonymous memory is written to a core file as 1152When a process is dumped, all anonymous memory is written to a core file as
2167long as the size of the core file isn't limited. But sometimes we don't want 1153long as the size of the core file isn't limited. But sometimes we don't want
@@ -2205,7 +1191,7 @@ For example:
2205 $ echo 0x7 > /proc/self/coredump_filter 1191 $ echo 0x7 > /proc/self/coredump_filter
2206 $ ./some_program 1192 $ ./some_program
2207 1193
22082.16 /proc/<pid>/mountinfo - Information about mounts 11943.5 /proc/<pid>/mountinfo - Information about mounts
2209-------------------------------------------------------- 1195--------------------------------------------------------
2210 1196
2211This file contains lines of the form: 1197This file contains lines of the form:
@@ -2242,30 +1228,3 @@ For more information on mount propagation see:
2242 1228
2243 Documentation/filesystems/sharedsubtree.txt 1229 Documentation/filesystems/sharedsubtree.txt
2244 1230
22452.17 /proc/sys/fs/epoll - Configuration options for the epoll interface
2246--------------------------------------------------------
2247
2248This directory contains configuration options for the epoll(7) interface.
2249
2250max_user_instances
2251------------------
2252
2253This is the maximum number of epoll file descriptors that a single user can
2254have open at a given time. The default value is 128, and should be enough
2255for normal users.
2256
2257max_user_watches
2258----------------
2259
2260Every epoll file descriptor can store a number of files to be monitored
2261for event readiness. Each one of these monitored files constitutes a "watch".
2262This configuration option sets the maximum number of "watches" that are
2263allowed for each user.
2264Each "watch" costs roughly 90 bytes on a 32bit kernel, and roughly 160 bytes
2265on a 64bit one.
2266The current default value for max_user_watches is the 1/32 of the available
2267low memory, divided for the "watch" cost in bytes.
2268
2269
2270------------------------------------------------------------------------------
2271