blob: ac5171e5029cb5c000cf72a6368e0e8eda8c7878 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
net.ipv4.ip_forward=1
# Sonst landen ICMP-Fehlerpakete auf eth0 - mit source-IP 10.222.x.y...
# https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
net.ipv4.icmp_errors_use_inbound_ifaddr = 1
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.all.autoconf = 0
net.ipv6.conf.default.autoconf = 0
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.default.accept_ra = 0
net.ipv4.neigh.default.gc_thresh3=16384
net.ipv4.neigh.default.gc_thresh2=8192
net.ipv4.neigh.default.gc_thresh1=4096
net.ipv4.neigh.default.gc_interval=3600
net.ipv4.neigh.default.gc_stale_time=3600
net.ipv6.neigh.default.gc_thresh3=16384
net.ipv6.neigh.default.gc_thresh2=8192
net.ipv6.neigh.default.gc_thresh1=4096
net.ipv6.neigh.default.gc_interval=3600
net.ipv6.neigh.default.gc_stale_time=3600
# decrease nf_conntrack_tcp_timeout_established - default=432000
net.netfilter.nf_conntrack_max=1048576
net.netfilter.nf_conntrack_buckets=131072
net.netfilter.nf_conntrack_tcp_timeout_established=3600
# reboot after kernel panic
kernel.panic=1
|
