[openwrt/openwrt] base-files: move sysctl defaults to /etc/sysctl.d/10-default.conf
LEDE Commits
lede-commits at lists.infradead.org
Fri Apr 13 01:21:52 PDT 2018
neoraider pushed a commit to openwrt/openwrt.git, branch master:
https://git.lede-project.org/bee696d66c95337d91fc0256afbf481dc93ddb27
commit bee696d66c95337d91fc0256afbf481dc93ddb27
Author: Matthias Schiffer <mschiffer at universe-factory.net>
AuthorDate: Thu Apr 12 17:37:29 2018 +0200
base-files: move sysctl defaults to /etc/sysctl.d/10-default.conf
Signed-off-by: Matthias Schiffer <mschiffer at universe-factory.net>
---
package/base-files/files/etc/sysctl.conf | 32 +---------------------
.../etc/{sysctl.conf => sysctl.d/10-default.conf} | 3 ++
package/base-files/files/etc/sysctl.d/local.conf | 1 -
3 files changed, 4 insertions(+), 32 deletions(-)
diff --git a/package/base-files/files/etc/sysctl.conf b/package/base-files/files/etc/sysctl.conf
index ddc7a9b..ae04212 100644
--- a/package/base-files/files/etc/sysctl.conf
+++ b/package/base-files/files/etc/sysctl.conf
@@ -1,31 +1 @@
-kernel.panic=3
-kernel.core_pattern=/tmp/%e.%t.%p.%s.core
-fs.suid_dumpable=2
-
-net.ipv4.conf.default.arp_ignore=1
-net.ipv4.conf.all.arp_ignore=1
-net.ipv4.ip_forward=1
-net.ipv4.icmp_echo_ignore_broadcasts=1
-net.ipv4.icmp_ignore_bogus_error_responses=1
-net.ipv4.igmp_max_memberships=100
-net.ipv4.tcp_fin_timeout=30
-net.ipv4.tcp_keepalive_time=120
-net.ipv4.tcp_syncookies=1
-net.ipv4.tcp_timestamps=1
-net.ipv4.tcp_sack=1
-net.ipv4.tcp_dsack=1
-
-net.ipv6.conf.default.forwarding=1
-net.ipv6.conf.all.forwarding=1
-
-net.netfilter.nf_conntrack_acct=1
-net.netfilter.nf_conntrack_checksum=0
-net.netfilter.nf_conntrack_max=16384
-net.netfilter.nf_conntrack_tcp_timeout_established=7440
-net.netfilter.nf_conntrack_udp_timeout=60
-net.netfilter.nf_conntrack_udp_timeout_stream=180
-
-# disable bridge firewalling by default
-net.bridge.bridge-nf-call-arptables=0
-net.bridge.bridge-nf-call-ip6tables=0
-net.bridge.bridge-nf-call-iptables=0
+# Defaults are configured in /etc/sysctl.d/* and can be customized in this file
diff --git a/package/base-files/files/etc/sysctl.conf b/package/base-files/files/etc/sysctl.d/10-default.conf
similarity index 88%
copy from package/base-files/files/etc/sysctl.conf
copy to package/base-files/files/etc/sysctl.d/10-default.conf
index ddc7a9b..7c3344d 100644
--- a/package/base-files/files/etc/sysctl.conf
+++ b/package/base-files/files/etc/sysctl.d/10-default.conf
@@ -1,3 +1,6 @@
+# Do not edit, changes to this file will be lost on upgrades
+# /etc/sysctl.conf can be used to customize sysctl settings
+
kernel.panic=3
kernel.core_pattern=/tmp/%e.%t.%p.%s.core
fs.suid_dumpable=2
diff --git a/package/base-files/files/etc/sysctl.d/local.conf b/package/base-files/files/etc/sysctl.d/local.conf
deleted file mode 100644
index 891da73..0000000
--- a/package/base-files/files/etc/sysctl.d/local.conf
+++ /dev/null
@@ -1 +0,0 @@
-# local sysctl settings can be stored in this directory
More information about the lede-commits
mailing list