diff options
author | bnewbold <bnewbold@robocracy.org> | 2013-08-25 03:49:31 +0000 |
---|---|---|
committer | bnewbold <bnewbold@robocracy.org> | 2013-08-25 03:49:31 +0000 |
commit | a80f0eaeb3b3a3591d1e00866a36dc51d89e26f0 (patch) | |
tree | 21c5da95539bc3f6181ec5537c939a4ec0269b02 /polystrap/novena/root/etc/sysctl.d | |
parent | a488c83cfab723e221dc36de127ff3542525e2e2 (diff) | |
download | buildroot-novena-a80f0eaeb3b3a3591d1e00866a36dc51d89e26f0.tar.gz buildroot-novena-a80f0eaeb3b3a3591d1e00866a36dc51d89e26f0.zip |
novena debian: skeleton router sysctl settings
Diffstat (limited to 'polystrap/novena/root/etc/sysctl.d')
3 files changed, 17 insertions, 0 deletions
diff --git a/polystrap/novena/root/etc/sysctl.d/50-ip-forwarding.conf b/polystrap/novena/root/etc/sysctl.d/50-ip-forwarding.conf new file mode 100644 index 000000000..43598fde6 --- /dev/null +++ b/polystrap/novena/root/etc/sysctl.d/50-ip-forwarding.conf @@ -0,0 +1,8 @@ +# Uncomment the next line to enable packet forwarding for IPv4 +# Enable for router, disable for laptop +#net.ipv4.ip_forward=1 + +# Uncomment the next line to enable packet forwarding for IPv6 +# Enabling this option disables Stateless Address Autoconfiguration +# based on Router Advertisements for this host +#net.ipv6.conf.all.forwarding=1 diff --git a/polystrap/novena/root/etc/sysctl.d/51-ipv6-tempaddr.conf b/polystrap/novena/root/etc/sysctl.d/51-ipv6-tempaddr.conf new file mode 100644 index 000000000..5a9d70051 --- /dev/null +++ b/polystrap/novena/root/etc/sysctl.d/51-ipv6-tempaddr.conf @@ -0,0 +1,4 @@ +# Enable for (more) privacy with laptops +# Disable for router +#net.ipv6.conf.all.use_tempaddr=2 +#net.ipv6.conf.default.use_tempaddr=2 diff --git a/polystrap/novena/root/etc/sysctl.d/52-misc-networking.conf b/polystrap/novena/root/etc/sysctl.d/52-misc-networking.conf new file mode 100644 index 000000000..9d1daa83d --- /dev/null +++ b/polystrap/novena/root/etc/sysctl.d/52-misc-networking.conf @@ -0,0 +1,5 @@ +# Uncomment the next two lines to enable Spoof protection (reverse-path filter) +# Turn on Source Address Verification in all interfaces to +# prevent some spoofing attacks +#net.ipv4.conf.default.rp_filter=1 +#net.ipv4.conf.all.rp_filter=1 |