Documentation: add documentation of ping_group_range

author Stephen Hemminger <stephen@networkplumber.org>

Tue, 21 Apr 2020 20:34:48 +0000 (13:34 -0700)

committer David S. Miller <davem@davemloft.net>

Thu, 23 Apr 2020 02:29:26 +0000 (19:29 -0700)
author Stephen Hemminger <stephen@networkplumber.org>
Tue, 21 Apr 2020 20:34:48 +0000 (13:34 -0700)
committer David S. Miller <davem@davemloft.net>
Thu, 23 Apr 2020 02:29:26 +0000 (19:29 -0700)
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt

index 6fcfd31..9375324 100644 (file)
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -983,6 +983,13 @@ ip_early_demux - BOOLEAN
         reduces overall throughput, in such case you should disable it.
         Default: 1
  
+ping_group_range - 2 INTEGERS
+       Restrict ICMP_PROTO datagram sockets to users in the group range.
+       The default is "1 0", meaning, that nobody (not even root) may
+       create ping sockets.  Setting it to "100 100" would grant permissions
+       to the single group. "0 4294967295" would enable it for the world, "100
+       4294967295" would enable it for the users, but not daemons.
+
  tcp_early_demux - BOOLEAN
         Enable early demux for established TCP sockets.
         Default: 1
author	Stephen Hemminger <stephen@networkplumber.org>
	Tue, 21 Apr 2020 20:34:48 +0000 (13:34 -0700)
committer	David S. Miller <davem@davemloft.net>
	Thu, 23 Apr 2020 02:29:26 +0000 (19:29 -0700)