What is a PROC file system
The PROC file system is a pseudo file system that exists only in memory without occupying an existing space. It provides an interface to the operation of accessing system kernel data in a file system. Users and applications can get the system information through Proc, and can change certain parameters of the kernel. Due to the information of the system, if the process is dynamically changed, the Proc file system is dynamically read out the required information from the system, and submitted by the user or the application reads the proc file. Its directory structure is as follows:
Directory Name Directory Content
APM Advanced Power Management Information
CMDline kernel command line
CPUInfo About CPU Information
Devices can be used by the device (block device / character device)
DMA channel used by DMA
FileSystems supported file system
Interrupts interrupt use
IOPORTS I / O port
KCORE kernel core impression
KMSG kernel message
Ksyms kernel symbol table
Loadavg load balancing
Locks kernel lock
MEMINFO memory information
MISC miscellaneous
Modules Load Module List
Mounts loaded file system
Partitions system identification partition table
RTC real-time clock
SLABINFO SLAB pool information
Stat comprehensive statistical state table
Swaps' use of SWAPS
Version core version
UPTIME system normally run time
Not all of these directories are in your system, depending on your kernel configuration and load module. In addition, there are three important directories under / proc: NET, SCSI and SYS. The SYS directory is writable and can be used to access or modify the kernel parameters (see section), and NET and SCSI rely on kernel configuration. For example, if the system does not support SCSI, the SCSI directory does not exist.
In addition to these described above, there are some directory named, which are processes. Each process currently run in the system has a corresponding directory under / proc, with a directory name, which is an interface to read the process information. The SELF directory is the information interface that reads the process itself, is a LINK. The name of the PROC file system is from it. The structure of the process directory is as follows:
Directory Name Directory Content
CMDLINE command line parameters
Environ environment variable value FD A directory containing all file descriptors
MEM process's memory is utilized
STAT process status
The Status process is currently displayed in readable way.
CWD Current Work Directory Link
EXE points to the execution command file
MAPS memory image
Statm process memory status information
ROOT link ROOT directory of this process
Users can use the CAT command if you want to view system information. E.g:
# cat / proc / interrupts
CPU0
0: 8728810 XT-PIC Timer
1: 895 XT-Pic Keyboard
2: 0 XT-Pic Cascade
3: 531695 XT-PIC AHA152X
4: 2014133 XT-PIC Serial
5: 44401 XT-PIC PCNET_CS
8: 2 XT-PIC RTC
11: 8 XT-PIC I82365
12: 182918 XT-PIC Mouse
13: 1 XT-PIC FPU PS / 2
14: 1232265 XT-PIC IDE0
15: 7 XT-Pic IDE1
NMI: 0
Users can also modify the kernel parameters. There is an interesting directory in the / proc file system: / proc / sys. It not only provides kernel information, but also modifies the kernel parameters to optimize your system. But you have to be very careful because it may cause the system to crash. It is best to find an irrelevant machine, and then apply it to your system after debugging.
To change the parameters of the kernel, just redirect to the file with VI editing or ECHO parameter. Here's an example:
# Cat / Proc / Sys / FS / File-Max
4096
# echo 8192> / proc / sys / fs / file-max
# Cat / Proc / Sys / FS / File-Max
8192
If you optimize parameters, you can write them into file RC.Local so that it automatically completes modifications when the system starts.
/ PROC file system network parameters
In / proc / sys / net / ipv4 / directory, all parameters related to TCP / IP protocols, the following we are explained in detail below.
IP_forward Parameter Type: Boolean
0 - Close (default)
NOT 0 - Open IP Forward
Forward datagrams between network local interfaces. This parameter is very special, and the modification of this parameter will cause other relevant configuration parameters to restore its default values (see RFC 1122 for hosts, see RFC1812 for routers)
IP_DEFAULT_TTL Parameter Type: INTEGER
The default is 64. Indicates the TIME to Live value of the IP datagram.
IP_NO_PMTU_DISC Parameter Type: Boolean
Close the path MTU detection, the default value is FALSE
IPFRAG_High_thresh Parameter Type: Integer
The maximum amount of memory used to assemble the segmentation IP package. When the number of memory numb_high_thresh is assigned to assemble the IP package, the IP slice processor will discard the data to the number of ipfrag_low_thresh's number of memory is used to assemble the IP package.
IPFRAG_LOW_THRESH Parameter Type: Confusion See IPFrag_High_thresh.
IPFRAG_TIME Parameter Type: Integer
Save an IP fragment in memory.
INET_PEER_THRESHOLD Parameter Type: Integer
The INET-to-end memory is a suitable value that will be discarded when the threshold entry will be discarded. The valve value also determines the time interval of the spending time and the time of waste collection. The more entries, the lower the survival period, the shorter the GC interval.
INET_PEER_MINTTL Parameter Type: Integer
The minimum survival period of the entry. There must be enough fragmentation in the restructuring end. This minimum survival must ensure that the buffer pool volume is less than INET_PEER_THRESHOLD. This value is measured in jiffies.
INET_PEER_MAXTTL Parameter Type: Integer
The maximum survival period of the entry. After this period arrives, if the buffer pool does not deplete the pressure (for example, the number of entries in the buffer pool is very small), the unused entries will time out. This value is measured in jiffies.
INET_PEER_GC_MINTIME Parameter Type: Integer
Waste collection (GC) passes the shortest interval. This interval affects the high pressure in the buffer pool. This value is measured in jiffies.
INET_PEER_GC_MAXTIME Parameter Type: Integer
The maximum interval passed by the waste collection (GC) affects the low pressure in the buffer pool. This value is measured in jiffies.
TCP_SYN_RETRIES Parameter Type: Integer
For a new connection, how many SYN connection requests to send in the kernel are determined to give up. Should not be greater than 255, the default is 5, corresponding to around 180 seconds.
TCP_SYNACK_RETRIES Parameter Type: Integer
For the remote connection request SYN, the kernel sends the SYN ACK datagram to confirm that the last SYN connection request package is received. This is the second step of the so-called Threeway Handshake mechanism. Here, the number of SYN ACK sent before the kernel is given to the connection.
TCP_Keepalive_Time Parameter Type: Integer
When Keepalive is open, the TCP sends the frequency of the Keepalive message, and the default value is 2 hours.
TCP_Keepalive_Probes Parameter Type: Integer
The TCP sends a Keepalive probe to determine the number of times the connection has been disconnected, and the default value is 9.
TCP_KEEPALIVE_INTERVAL Parameter Type: Integer
The frequency of detecting messages is multiplied by TCP_Keepalive_Probes to get the time for connection kills that have not responded from start detection. The default is 75 seconds, that is, the connection without the active connection will be discarded after approximately 11 minutes.
TCP_RETRIES1 Parameter Type: Integer
How many times needed before reporting this suspicious situation when there is a suspicious situation. The lowest RFC value is 3, which is also the default value, depending on the value of the RTO, between 3 seconds - 8 minutes.
TCP_RETRIES2 Parameter Type: Integer
How many times needed before discarding the activated TCP connection. RFC 1122 specifies that this value must be greater than 100 seconds. The default is 15, according to the value of RTO, it is equivalent to 13-30 minutes,
TCP_ORPHAN_RETRIES Parameter Type: Integer
How many times before the near-end discard TCP connection is discarded. The default is 7, equivalent to 50 seconds - 16 minutes, depending on the RTO. If your system is a very loaded web server, then you may need to reduce this value, which may consume a lot of resources. Also ginseng TCP_MAX_ORPHANS.
TCP_FIN_TIMEOUT Parameter Type: Integer
For the Socket connection disconnected in this end, the TCP remains in the FIN-WAIT-2 state. The other party may disconnect or have never ended the connection or unpredictable process death. The default is 60 seconds. The kernel in the past 2.2 version was 180 seconds. You can set this value, but you need to pay attention, if your machine is a very heavy web server, you may have to take a lot of risk to be filled with a large amount of invalid data, the danger of Fin-Wait-2 Sockets is lower than the fin- Wait-1, because they only eat 1.5k memory, but they have longer time. Also refer to TCP_MAX_ORPHANS. TCP_MAX_TW_BUCKETS Parameter Type: Integer
The number of maximum Timewait Sockets processed at the same time. If you exceed this, the Time-Wait Socket will be cut immediately and display a warning message. The reason why it is necessary to set this restriction, purely to resist those simple DOS attacks, don't artifact to reduce this limit, but if the network condition needs to be more than default, it can improve it (perhaps adding memory).
TCP_TW_RECYCLE parameter type: Boo
Open Quick Time-Wait Sockets Recycling. The default is 1. Please do not modify this value at will not modify this value unless the recommendations or requirements of technical experts are obtained.
TCP_MAX_ORPHANS Parameter Type: Integer
The system can handle the maximum number of TCP sockets that does not belong to any process. If you exceed this quantity, the connection that does not belong to any process will be immediately reset, and the warning message is displayed at the same time. The reason why this limit is set, purely to resist those simple DOS attacks, don't rely on this or artificial reduction this restriction
TCP_ABORT_ON_OVERFLOW Parameter Type: Boo
When the daemon is too busy, you cannot accept a new connection, just send a reset message, the default value is False. This means that when overflow is because an accidental burst, the connection will recover. This option can only be used when you really can't have a connection request if you believe that the daemon does not complete the connection request.
TCP_SYNCOOKIES Parameter Type: Integer
A role can only be used when CONFIG_SYNCOOKIES is selected at the kernel compile. When the SYN wait queue appears, the other party sends Syncookies. The purpose is to prevent SYN FLOOD attacks. The default is False.
Note: This option cannot be used for high-load servers that do not receive the attack, if the SYNFLOOD message appears in the log, the survey has not received the SYNFLOOD attack, but the reason for the legal user's connection load, you should Adjust other parameters to improve server performance. Reference: TCP_MAX_SYN_BACKLOG, TCP_SYNACK_RETRIES, TCP_ABORT_ON_OVERFLOW.
Syncookie is seriously violated by TCP protocols, and does not allow TCP extensions, which may cause serious performance impact on certain services (such as SMTP forwarding).
TCP_STDURG parameter type: integer
Using the host request interpretation in the TCP URG Pointer field. Most of the hosts use old BSD explanations, so if you open it in Linux, or cause it to communicate correctly with them. The default is: false
TCP_MAX_SYN_BACKLOG Parameter Type: Integer
For those connected requests that still have not yet received a client confirmation, you need to save the maximum number in the queue. For systems that exceed 128MB of memory, the default value is 1024, which is 128 below 128MB. If the server often overload, you can try to add this number. caveat! If you set this value to greater than 1024, it is best to modify the TCP_SYNQ_HSIZE inside Include / Net / TCP.H to keep TCP_SYNQ_HSIZE * 16 <= TCP_MAX_SYN_BACKLOG, and within the core.
TCP_WINDOW_SCALING Parameter Type: Boo
Normally, TCP / IP can accept up to 65535 bytes of Windows. For broadband networks, this value may be insufficient, which helps to improve broadband server performance by adjusting this parameter. TCP_TimeStamps Parameter Type: Boo
TimeStamps can be used in other things to prevent those forged sequence numbers. A 1G broadband line may repeatedly encounter an old SEQUENCE number with an OUT-OF-LINE value (if it is due to the last generation). TimeSTAMP will let it know that this is a 'old package'.
TCP_SACK Parameter Type: Boocom
Using Selective Ack, it can be used to find specific lost datagrams - thus helps to quickly recover status.
TCP_FACK Parameter Type: Boo
Open FACK congestion to avoid and quickly retransmit.
TCP_DSACK Parameter Type: Boo
Allow TCP to send "two identical" SACKs.
TCP_ECN Parameter Type: Boo
Open the direct congestion function of TCP.
TCP_REORDERING Parameter Type: Integer
The maximum number of data reported in TCP stream is 3.
TCP_RETRANS_COLLLLAPSE Parameter Type: Boo
For some BUG printers, it provides compatibility for its bugs.
TCP_WMEM - vector of three integers: min, default, max
MIN: Reserved for TCP Socket to send buffer memory minimum. Each TCP Socket can be used after it is recommended. The default is 4K.
DEFAULT: Reserved for the TCP Socket to send buffer memory numbers, by default this value affects the net.core.wmem_default value used by other protocols, usually lower than the value of Net.Core.WMem_Default. The default is 16K.
MAX: The maximum memory used for TCP Socket sends buffers. This value does not affect Net.Core.WMEM_MAX, and today the parameter SO_SNDBUF is not affected by this value. The default is 128K.
TCP_RMEM - vector of three integers: min, default, max
MIN: Reserved for TCP sockets to receive buffer memory numbers, even if the TCP socket will have so many amounts of memory for receiving buffers, the default value is 8K even if there is at least in the case of memory.
Default: Reserved for TCP Socket Reserve the number of memory used to receive buffers, by default this value affects the net.core.wmem_default value used by other protocols. This value determines that the TCP window size is 65535 in the case of the default value in TCP_ADV_WIN_SCALE, TCP_APP_WIN and TCP_APP_WIN: 0.
Max: The maximum memory used for TCP Socket receives buffers. This value does not affect Net.Core.WMEM_MAX, and today the parameter SO_SNDBUF is not affected by this value. The default is 128K. The default is 87380 * 2 bytes.
TCP_MEM - Vector: Low, Pressure, HIGH
Low: TCP does not consider release memory when the TCP uses a memory page number below this value.
Pressure: When the TCP uses the number of memory pages that exceeds the value, TCP tries to stabilize its memory, enter the Pressure mode, exit the Pressure status when the memory consumption is below the LOW value.
HIGH: Allows all TCP sockets to queue the page amount of the buffer datagram.
In general, these values are calculated based on the number of system memory when the system is started.
TCP_APP_WIN - integer
A number of windows retain MAX (Window / 2 ^ TCP_APP_WIN, MSS) is buffered due to application buffering. When 0, it means no buffering is required. The default is 31. TCP_ADV_WIN_SCALE - integer
Calculate buffer overhead BYTES / 2 ^ TCP_ADV_WIN_SCALE (if TCP_ADV_WIN_SCALE> 0) or bytes-bytes / 2 ^ (- TCP_ADV_WIN_SCALE) (if TCP_ADV_WIN_SCALE <= 0), the default is 2.
IP_LOCAL_PORT_RANGE - two integers
Set to the local port range used by TCP and UDP, the first number is beginning, the second number is the last port number, the default value depends on the number of memory available in the system:
> 128MB 32768-61000
OR EVEN LESS in <128MB 1024-4999.
This value determines the number of active connections, that is, the number of connections that can be concurrently
ICMP_ECHO_IGNORE_ALL - Boolean type
ICMP_ECHO_IGNORE_BROADCASTS - Boolean
If any one is set to true (> 0), the system will ignore all ICMP ECHO requests or requests for the broadcast addresses.
ICMP_DESTUNREACH_RATE - integer
ICMP_PARAMPROB_RATE - integer
ICMP_TIMEEXCEED_RATE - integer
ICMP_ECHOREPLY_RATE - NOT Enabled Per Default
Limit the maximum rate of ICMP datagram that illustrates specific targets. 0 means there is no restriction, otherwise the number of allowed sent in the Jiffies data unit is indicated.
ICMP_IGNORE_BOGUS_ERROR_RESPONSES - Boolean type
Some routers have violated RFC 1122 standards, which responds to the broadcast frames. This violation of behavior is usually recorded in the system log in a alarm. If this option is set to true, the kernel does not record this warning message. The default is false.
(1) JIFFIE: The internal time unit used by the kernel is 1/100 s on the I386 system, 1/10244 in alpha. The Hz defined in /usr/include/asm/param.h has a value of a particular system.
Conf / interface / *:
CONF / ALL / * is specific to modify all interface settings, IS Special and Changes The Settings for All Interfaces.
Change Special Settings Per interface.
LOG_MARTIANS - Boolean type
Record the data that is not allowed to report to the kernel log.
Accept_redirects - Boolean
Transcending receiving an ICMP redirection message. For the host, the default is true, and the default value is false for the router.
Forwarding - Boolean
Open forwarding function in this interface
MC_Forwarding - Boolean type
Whether the multicast route is made. Only the kernel compiles with config_mroute and the routing service program is valid in running this parameter.
Proxy_arp - Boolean
Open the Proxy ARP function.
Shared_Media - Boolean
Send (router) or receiving (host) RFC1620 shared media redirection. Cover the value of IP_Secure_Redirects. The default is True.
Secure_Redirects - Boolean
Receive only ICMP redirect messages sent to the default gateway list, the default value is true.
Send_Redirects - Boolean
If it is router, send a redirected message, the default value is true.
Bootp_relay - Boolean type
The receiving source address is 0.b.c.d, the destination address is not a native datagram. Used to support the BootP forwarding service process, the process will capture and forward the package. The default is False, which is not currently implemented. Accept_source_route - Boolean
Receive datagrams with SRR options. For the host, the default is false, and the default value is TRUE for use as a router.
RP_FILTER parameter type
1 - For the back of the reverse path, the source address is verified (defined in RFC 1812). This option is recommended for a single-hole host and the STUB network router.
0 - The source address verification is not taken back to the reverse path.
The default is 0. Some releases are automatically opened at startup.
