Fijxu
/
etc-configs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sysctl configs

This commit is contained in:
Fijxu 2022-12-03 15:59:44 -03:00
parent 078be3cb59
commit 140086dcba
5 changed files with 56 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sysctl.d/30-wireguard-forward.conf Normal file
View File

@ -0,0 +1 @@
net.ipv4.ip_forward=1

1
sysctl.d/99-swappiness.conf Normal file
View File

@ -0,0 +1 @@
vm.swappiness=4

1
sysctl.d/99-sysctl.conf Symbolic link
View File

@ -0,0 +1 @@
../sysctl.conf

13
sysctl.d/README.sysctl Normal file
View File

@ -0,0 +1,13 @@
Kernel system variables configuration files
Files found under the /etc/sysctl.d directory that end with .conf are
parsed within sysctl(8) at boot time. If you want to set kernel variables
you can either edit /etc/sysctl.conf or make a new file.
The filename isn't important, but don't make it a package name as it may clash
with something the package builder needs later. It must end with .conf though.
My personal preference would be for local system settings to go into
/etc/sysctl.d/local.conf but as long as you follow the rules for the names
of the file, anything will work. See sysctl.conf(8) man page for details
of the format.

40
sysctl.d/internettweaks.conf Normal file
View File

@ -0,0 +1,40 @@
#TCP Tweaks
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fastopn = 3
net.ipv4.tcp_fin_timeout = 10
# disable tcp timestamps to avoid leaking some system information
# https://www.whonix.org/wiki/Disable_TCP_and_ICMP_Timestamps
net.ipv4.tcp_timestamps=0
#TCP BBR Congestion Control Algoritm
net.core.default_qdisc = cake
net.ipv4.tcp_congestion_control = bbr
#Ignore ICMP Ping requests
net.ipv4.icmp_echo_ignore_all = 1
net.ipv6.icmp.echo_ignore_all = 1
#Increase the memory dedicated to the network interfaces
net.core.rmem_default = 1048576
net.core.rmem_max = 16777216
net.core.wmem_default = 1048576
net.core.wmem_max = 16777216
net.core.optmem_max = 65536
net.ipv4.tcp_rmem = 4096 1048576 2097152
net.ipv4.tcp_wmem = 4096 65536 16777216
net.ipv4.udp_rmem_min = 8192
net.ipv4.udp_wmem_min = 8192
# increase aslr effectiveness for mmap
# https://lwn.net/Articles/667790
vm.mmap_rnd_bits=32
vm.mmap_rnd_compat_bits=16
#SYN Flood Protection
net.ipv4.tcp_max_syn_backlog = 1024
net.ipv4.tcp_syn_retries = 6
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_syncookies = 1