Brad Bishop | c342db3 | 2019-05-15 21:57:59 -0400 | [diff] [blame] | 1 | # This configuration taken from procps v3.3.15 |
| 2 | # Commented out kernel/pid_max=10000 line |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 3 | # |
| 4 | # /etc/sysctl.conf - Configuration file for setting system variables |
| 5 | # See sysctl.conf (5) for information. |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 6 | |
Brad Bishop | c342db3 | 2019-05-15 21:57:59 -0400 | [diff] [blame] | 7 | # you can have the CD-ROM close when you use it, and open |
| 8 | # when you are done. |
| 9 | #dev.cdrom.autoeject = 1 |
| 10 | #dev.cdrom.autoclose = 1 |
| 11 | |
| 12 | # protection from the SYN flood attack |
| 13 | net/ipv4/tcp_syncookies=1 |
| 14 | |
| 15 | # see the evil packets in your log files |
| 16 | net/ipv4/conf/all/log_martians=1 |
| 17 | |
| 18 | # makes you vulnerable or not :-) |
| 19 | net/ipv4/conf/all/accept_redirects=0 |
| 20 | net/ipv4/conf/all/accept_source_route=0 |
| 21 | net/ipv4/icmp_echo_ignore_broadcasts =1 |
| 22 | |
| 23 | # needed for routing, including masquerading or NAT |
| 24 | #net/ipv4/ip_forward=1 |
| 25 | |
| 26 | # sets the port range used for outgoing connections |
| 27 | #net.ipv4.ip_local_port_range = 32768 61000 |
| 28 | |
| 29 | # Broken routers and obsolete firewalls will corrupt the window scaling |
| 30 | # and ECN. Set these values to 0 to disable window scaling and ECN. |
| 31 | # This may, rarely, cause some performance loss when running high-speed |
| 32 | # TCP/IP over huge distances or running TCP/IP over connections with high |
| 33 | # packet loss and modern routers. This sure beats dropped connections. |
| 34 | #net.ipv4.tcp_ecn = 0 |
| 35 | |
| 36 | # Swapping too much or not enough? Disks spinning up when you'd |
| 37 | # rather they didn't? Tweak these. |
| 38 | #vm.vfs_cache_pressure = 100 |
| 39 | #vm.laptop_mode = 0 |
| 40 | #vm.swappiness = 60 |
| 41 | |
| 42 | #kernel.printk_ratelimit_burst = 10 |
| 43 | #kernel.printk_ratelimit = 5 |
| 44 | #kernel.panic_on_oops = 0 |
| 45 | |
| 46 | # Reboot 600 seconds after a panic |
| 47 | #kernel.panic = 600 |
| 48 | |
| 49 | # enable SysRq key (note: console security issues) |
| 50 | #kernel.sysrq = 1 |
| 51 | |
| 52 | # Change name of core file to start with the command name |
| 53 | # so you get things like: emacs.core mozilla-bin.core X.core |
| 54 | #kernel.core_pattern = %e.core |
| 55 | |
| 56 | # NIS/YP domain (not always equal to DNS domain) |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 57 | #kernel.domainname = example.com |
Brad Bishop | c342db3 | 2019-05-15 21:57:59 -0400 | [diff] [blame] | 58 | #kernel.hostname = darkstar |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 59 | |
Brad Bishop | c342db3 | 2019-05-15 21:57:59 -0400 | [diff] [blame] | 60 | # This limits PID values to 4 digits, which allows tools like ps |
| 61 | # to save screen space. |
| 62 | #kernel/pid_max=10000 |
Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 63 | |
Brad Bishop | c342db3 | 2019-05-15 21:57:59 -0400 | [diff] [blame] | 64 | # Protects against creating or following links under certain conditions |
| 65 | # See https://www.kernel.org/doc/Documentation/sysctl/fs.txt |
| 66 | #fs.protected_hardlinks = 1 |
| 67 | #fs.protected_symlinks = 1 |