dotfiles

Dash Eclipse's dotfiles
git clone git://ezup.dev/dotfiles.git
Log | Files | Refs | README | LICENSE

commit dbfd178655b0a2b2d3fc95389329f4e0c7be2391
parent c5364ad1384857144c7c1e7309ed788059f359c0
Author: Dash Eclipse <dashezup@disroot.org>
Date:   Fri, 29 Apr 2022 16:16:14 +0000

feat: add etc/sysctl.conf

Diffstat:
Aetc/sysctl.conf | 65+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 65 insertions(+), 0 deletions(-)

diff --git a/etc/sysctl.conf b/etc/sysctl.conf @@ -0,0 +1,65 @@ +# /etc/sysctl.conf +# +# For more information on how this file works, please see +# the manpages sysctl(8) and sysctl.conf(5). +# +# In order for this file to work properly, you must first +# enable 'Sysctl support' in the kernel. +# +# Look in /proc/sys/ for all the things you can setup. +# + +# Disables packet forwarding +net.ipv4.ip_forward = 0 +# Disables IP dynaddr +#net.ipv4.ip_dynaddr = 0 +# Disable ECN +#net.ipv4.tcp_ecn = 0 +# Enables source route verification +#net.ipv4.conf.default.rp_filter = 1 +# Enable reverse path +#net.ipv4.conf.all.rp_filter = 1 + +# Enable SYN cookies (yum!) +# http://cr.yp.to/syncookies.html +#net.ipv4.tcp_syncookies = 1 + +# Enable people in the specified (min, max) group range to send ICMP_ECHO +# messages (i.e. ping) and receive ICMP_ECHOREPLY responses. This allows +# you to run non-suid and non-caps `ping`, but it also means anyone with +# a gid in this range can send those packets (not just via `ping`). +#net.ipv4.ping_group_range = 100 100 + +# Disable source route +#net.ipv4.conf.all.accept_source_route = 0 +#net.ipv4.conf.default.accept_source_route = 0 + +# Disable redirects +#net.ipv4.conf.all.accept_redirects = 0 +#net.ipv4.conf.default.accept_redirects = 0 + +# Disable secure redirects +#net.ipv4.conf.all.secure_redirects = 0 +#net.ipv4.conf.default.secure_redirects = 0 + +# Ignore ICMP broadcasts +#net.ipv4.icmp_echo_ignore_broadcasts = 1 + +# Disables the magic-sysrq key +#kernel.sysrq = 0 +# When the kernel panics, automatically reboot in 3 seconds +#kernel.panic = 3 +# Allow for more PIDs (cool factor!); may break some programs +#kernel.pid_max = 999999 + +# You should compile nfsd into the kernel or add it +# to modules.autoload for this to work properly +# TCP Port for lock manager +#fs.nfs.nlm_tcpport = 0 +# UDP Port for lock manager +#fs.nfs.nlm_udpport = 0 + +# Disable IPv6 +net.ipv6.conf.all.disable_ipv6 = 1 +net.ipv6.conf.default.disable_ipv6 = 1 +net.ipv6.conf.lo.disable_ipv6 = 1