Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
kernel-hardening-checker
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
fact-depend
kernel-hardening-checker
Commits
b80b8c91
Commit
b80b8c91
authored
Jan 17, 2024
by
Alexander Popov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update the Ubuntu example configs
parent
011315f0
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
356 additions
and
830 deletions
+356
-830
example_sysctls.txt
...ardening_checker/config_files/distros/example_sysctls.txt
+356
-830
ubuntu-22.04.config
...ardening_checker/config_files/distros/ubuntu-22.04.config
+0
-0
No files found.
kernel_hardening_checker/config_files/distros/example_sysctls.txt
View file @
b80b8c91
abi.vsyscall32 = 1
crypto.fips_enabled = 0
crypto.fips_name = Linux Kernel Cryptographic API
crypto.fips_version = 6.4.8-200.fc38.x86_64
debug.exception-trace = 1
debug.kprobes-optimization = 1
dev.cdrom.autoclose = 1
...
...
@@ -10,32 +7,30 @@ dev.cdrom.check_media = 0
dev.cdrom.debug = 0
dev.cdrom.info = CD-ROM information, Id: cdrom.c 3.20 2003/12/17
dev.cdrom.info =
dev.cdrom.info = drive name:
dev.cdrom.info = drive speed:
dev.cdrom.info = drive # of slots:
dev.cdrom.info = Can close tray:
dev.cdrom.info = Can open tray:
dev.cdrom.info = Can lock tray:
dev.cdrom.info = Can change speed:
dev.cdrom.info = Can select disk:
dev.cdrom.info = Can read multisession:
dev.cdrom.info = Can read MCN:
dev.cdrom.info = Reports media changed:
dev.cdrom.info = Can play audio:
dev.cdrom.info = Can write CD-R:
dev.cdrom.info = Can write CD-RW:
dev.cdrom.info = Can read DVD:
dev.cdrom.info = Can write DVD-R:
dev.cdrom.info = Can write DVD-RAM:
dev.cdrom.info = Can read MRW:
dev.cdrom.info = Can write MRW:
dev.cdrom.info = Can write RAM:
dev.cdrom.info = drive name:
sr0
dev.cdrom.info = drive speed:
1
dev.cdrom.info = drive # of slots:
1
dev.cdrom.info = Can close tray:
1
dev.cdrom.info = Can open tray:
1
dev.cdrom.info = Can lock tray:
1
dev.cdrom.info = Can change speed:
1
dev.cdrom.info = Can select disk:
0
dev.cdrom.info = Can read multisession:
1
dev.cdrom.info = Can read MCN:
1
dev.cdrom.info = Reports media changed:
1
dev.cdrom.info = Can play audio:
1
dev.cdrom.info = Can write CD-R:
1
dev.cdrom.info = Can write CD-RW:
1
dev.cdrom.info = Can read DVD:
1
dev.cdrom.info = Can write DVD-R:
1
dev.cdrom.info = Can write DVD-RAM:
1
dev.cdrom.info = Can read MRW:
1
dev.cdrom.info = Can write MRW:
1
dev.cdrom.info = Can write RAM:
1
dev.cdrom.info =
dev.cdrom.info =
dev.cdrom.lock =
1
dev.cdrom.lock =
0
dev.hpet.max-user-freq = 64
dev.i915.oa_max_sample_rate = 100000
dev.i915.perf_stream_paranoid = 1
dev.mac_hid.mouse_button2_keycode = 97
dev.mac_hid.mouse_button3_keycode = 100
dev.mac_hid.mouse_button_emulation = 0
...
...
@@ -43,209 +38,22 @@ dev.raid.speed_limit_max = 200000
dev.raid.speed_limit_min = 1000
dev.scsi.logging_level = 0
dev.tty.ldisc_autoload = 1
dev.tty.legacy_tiocsti = 0
fs.aio-max-nr = 1048576
fs.aio-max-nr = 65536
fs.aio-nr = 0
fs.binfmt_misc.qemu-xtensaeb = enabled
fs.binfmt_misc.qemu-xtensaeb = interpreter /usr/bin/qemu-xtensaeb-static
fs.binfmt_misc.qemu-xtensaeb = flags: F
fs.binfmt_misc.qemu-xtensaeb = offset 0
fs.binfmt_misc.qemu-xtensaeb = magic 7f454c460102010000000000000000000002005e
fs.binfmt_misc.qemu-xtensaeb = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-xtensa = enabled
fs.binfmt_misc.qemu-xtensa = interpreter /usr/bin/qemu-xtensa-static
fs.binfmt_misc.qemu-xtensa = flags: F
fs.binfmt_misc.qemu-xtensa = offset 0
fs.binfmt_misc.qemu-xtensa = magic 7f454c4601010100000000000000000002005e00
fs.binfmt_misc.qemu-xtensa = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-sparc64 = enabled
fs.binfmt_misc.qemu-sparc64 = interpreter /usr/bin/qemu-sparc64-static
fs.binfmt_misc.qemu-sparc64 = flags: F
fs.binfmt_misc.qemu-sparc64 = offset 0
fs.binfmt_misc.qemu-sparc64 = magic 7f454c460202010000000000000000000002002b
fs.binfmt_misc.qemu-sparc64 = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-sparc32plus = enabled
fs.binfmt_misc.qemu-sparc32plus = interpreter /usr/bin/qemu-sparc32plus-static
fs.binfmt_misc.qemu-sparc32plus = flags: F
fs.binfmt_misc.qemu-sparc32plus = offset 0
fs.binfmt_misc.qemu-sparc32plus = magic 7f454c4601020100000000000000000000020012
fs.binfmt_misc.qemu-sparc32plus = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-sparc = enabled
fs.binfmt_misc.qemu-sparc = interpreter /usr/bin/qemu-sparc-static
fs.binfmt_misc.qemu-sparc = flags: F
fs.binfmt_misc.qemu-sparc = offset 0
fs.binfmt_misc.qemu-sparc = magic 7f454c4601020100000000000000000000020002
fs.binfmt_misc.qemu-sparc = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-sh4eb = enabled
fs.binfmt_misc.qemu-sh4eb = interpreter /usr/bin/qemu-sh4eb-static
fs.binfmt_misc.qemu-sh4eb = flags: F
fs.binfmt_misc.qemu-sh4eb = offset 0
fs.binfmt_misc.qemu-sh4eb = magic 7f454c460102010000000000000000000002002a
fs.binfmt_misc.qemu-sh4eb = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-sh4 = enabled
fs.binfmt_misc.qemu-sh4 = interpreter /usr/bin/qemu-sh4-static
fs.binfmt_misc.qemu-sh4 = flags: F
fs.binfmt_misc.qemu-sh4 = offset 0
fs.binfmt_misc.qemu-sh4 = magic 7f454c4601010100000000000000000002002a00
fs.binfmt_misc.qemu-sh4 = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-s390x = enabled
fs.binfmt_misc.qemu-s390x = interpreter /usr/bin/qemu-s390x-static
fs.binfmt_misc.qemu-s390x = flags: F
fs.binfmt_misc.qemu-s390x = offset 0
fs.binfmt_misc.qemu-s390x = magic 7f454c4602020100000000000000000000020016
fs.binfmt_misc.qemu-s390x = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-riscv64 = enabled
fs.binfmt_misc.qemu-riscv64 = interpreter /usr/bin/qemu-riscv64-static
fs.binfmt_misc.qemu-riscv64 = flags: F
fs.binfmt_misc.qemu-riscv64 = offset 0
fs.binfmt_misc.qemu-riscv64 = magic 7f454c460201010000000000000000000200f300
fs.binfmt_misc.qemu-riscv64 = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-riscv32 = enabled
fs.binfmt_misc.qemu-riscv32 = interpreter /usr/bin/qemu-riscv32-static
fs.binfmt_misc.qemu-riscv32 = flags: F
fs.binfmt_misc.qemu-riscv32 = offset 0
fs.binfmt_misc.qemu-riscv32 = magic 7f454c460101010000000000000000000200f300
fs.binfmt_misc.qemu-riscv32 = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-ppc64le = enabled
fs.binfmt_misc.qemu-ppc64le = interpreter /usr/bin/qemu-ppc64le-static
fs.binfmt_misc.qemu-ppc64le = flags: F
fs.binfmt_misc.qemu-ppc64le = offset 0
fs.binfmt_misc.qemu-ppc64le = magic 7f454c4602010100000000000000000002001500
fs.binfmt_misc.qemu-ppc64le = mask ffffffffffffff00fffffffffffffffffeffff00
fs.binfmt_misc.qemu-ppc64 = enabled
fs.binfmt_misc.qemu-ppc64 = interpreter /usr/bin/qemu-ppc64-static
fs.binfmt_misc.qemu-ppc64 = flags: F
fs.binfmt_misc.qemu-ppc64 = offset 0
fs.binfmt_misc.qemu-ppc64 = magic 7f454c4602020100000000000000000000020015
fs.binfmt_misc.qemu-ppc64 = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-ppc = enabled
fs.binfmt_misc.qemu-ppc = interpreter /usr/bin/qemu-ppc-static
fs.binfmt_misc.qemu-ppc = flags: F
fs.binfmt_misc.qemu-ppc = offset 0
fs.binfmt_misc.qemu-ppc = magic 7f454c4601020100000000000000000000020014
fs.binfmt_misc.qemu-ppc = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-or1k = enabled
fs.binfmt_misc.qemu-or1k = interpreter /usr/bin/qemu-or1k-static
fs.binfmt_misc.qemu-or1k = flags: F
fs.binfmt_misc.qemu-or1k = offset 0
fs.binfmt_misc.qemu-or1k = magic 7f454c460102010000000000000000000002005c
fs.binfmt_misc.qemu-or1k = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-mipsn32el = enabled
fs.binfmt_misc.qemu-mipsn32el = interpreter /usr/bin/qemu-mipsn32el-static
fs.binfmt_misc.qemu-mipsn32el = flags: F
fs.binfmt_misc.qemu-mipsn32el = offset 0
fs.binfmt_misc.qemu-mipsn32el = magic 7f454c46010101000000000000000000020008000100000000000000000000000000000020000000
fs.binfmt_misc.qemu-mipsn32el = mask ffffffffffffff0000fffffffffffffffeffffffffffffff00000000000000000000000020000000
fs.binfmt_misc.qemu-mipsn32 = enabled
fs.binfmt_misc.qemu-mipsn32 = interpreter /usr/bin/qemu-mipsn32-static
fs.binfmt_misc.qemu-mipsn32 = flags: F
fs.binfmt_misc.qemu-mipsn32 = offset 0
fs.binfmt_misc.qemu-mipsn32 = magic 7f454c46010201000000000000000000000200080000000100000000000000000000000000000020
fs.binfmt_misc.qemu-mipsn32 = mask ffffffffffffff0000fffffffffffffffffeffffffffffff00000000000000000000000000000020
fs.binfmt_misc.qemu-mipsel = enabled
fs.binfmt_misc.qemu-mipsel = interpreter /usr/bin/qemu-mipsel-static
fs.binfmt_misc.qemu-mipsel = flags: F
fs.binfmt_misc.qemu-mipsel = offset 0
fs.binfmt_misc.qemu-mipsel = magic 7f454c46010101000000000000000000020008000100000000000000000000000000000000000000
fs.binfmt_misc.qemu-mipsel = mask ffffffffffffff0000fffffffffffffffeffffffffffffff00000000000000000000000020000000
fs.binfmt_misc.qemu-mips64el = enabled
fs.binfmt_misc.qemu-mips64el = interpreter /usr/bin/qemu-mips64el-static
fs.binfmt_misc.qemu-mips64el = flags: F
fs.binfmt_misc.qemu-mips64el = offset 0
fs.binfmt_misc.qemu-mips64el = magic 7f454c4602010100000000000000000002000800
fs.binfmt_misc.qemu-mips64el = mask ffffffffffffff0000fffffffffffffffeffffff
fs.binfmt_misc.qemu-mips64 = enabled
fs.binfmt_misc.qemu-mips64 = interpreter /usr/bin/qemu-mips64-static
fs.binfmt_misc.qemu-mips64 = flags: F
fs.binfmt_misc.qemu-mips64 = offset 0
fs.binfmt_misc.qemu-mips64 = magic 7f454c4602020100000000000000000000020008
fs.binfmt_misc.qemu-mips64 = mask ffffffffffffff0000fffffffffffffffffeffff
fs.binfmt_misc.qemu-mips = enabled
fs.binfmt_misc.qemu-mips = interpreter /usr/bin/qemu-mips-static
fs.binfmt_misc.qemu-mips = flags: F
fs.binfmt_misc.qemu-mips = offset 0
fs.binfmt_misc.qemu-mips = magic 7f454c46010201000000000000000000000200080000000100000000000000000000000000000000
fs.binfmt_misc.qemu-mips = mask ffffffffffffff0000fffffffffffffffffeffffffffffff00000000000000000000000000000020
fs.binfmt_misc.qemu-microblazeel = enabled
fs.binfmt_misc.qemu-microblazeel = interpreter /usr/bin/qemu-microblazeel-static
fs.binfmt_misc.qemu-microblazeel = flags: F
fs.binfmt_misc.qemu-microblazeel = offset 0
fs.binfmt_misc.qemu-microblazeel = magic 7f454c460101010000000000000000000200abba
fs.binfmt_misc.qemu-microblazeel = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-microblaze = enabled
fs.binfmt_misc.qemu-microblaze = interpreter /usr/bin/qemu-microblaze-static
fs.binfmt_misc.qemu-microblaze = flags: F
fs.binfmt_misc.qemu-microblaze = offset 0
fs.binfmt_misc.qemu-microblaze = magic 7f454c460102010000000000000000000200baab
fs.binfmt_misc.qemu-microblaze = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-m68k = enabled
fs.binfmt_misc.qemu-m68k = interpreter /usr/bin/qemu-m68k-static
fs.binfmt_misc.qemu-m68k = flags: F
fs.binfmt_misc.qemu-m68k = offset 0
fs.binfmt_misc.qemu-m68k = magic 7f454c4601020100000000000000000000020004
fs.binfmt_misc.qemu-m68k = mask fffffffffffffe00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-loongarch64 = enabled
fs.binfmt_misc.qemu-loongarch64 = interpreter /usr/bin/qemu-loongarch64-static
fs.binfmt_misc.qemu-loongarch64 = flags: F
fs.binfmt_misc.qemu-loongarch64 = offset 0
fs.binfmt_misc.qemu-loongarch64 = magic 7f454c4602010100000000000000000002000201
fs.binfmt_misc.qemu-loongarch64 = mask fffffffffffffffc00fffffffffffffffeffffff
fs.binfmt_misc.qemu-hppa = enabled
fs.binfmt_misc.qemu-hppa = interpreter /usr/bin/qemu-hppa-static
fs.binfmt_misc.qemu-hppa = flags: F
fs.binfmt_misc.qemu-hppa = offset 0
fs.binfmt_misc.qemu-hppa = magic 7f454c460102010000000000000000000002000f
fs.binfmt_misc.qemu-hppa = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-hexagon = enabled
fs.binfmt_misc.qemu-hexagon = interpreter /usr/bin/qemu-hexagon-static
fs.binfmt_misc.qemu-hexagon = flags: F
fs.binfmt_misc.qemu-hexagon = offset 0
fs.binfmt_misc.qemu-hexagon = magic 7f454c460101010000000000000000000200a400
fs.binfmt_misc.qemu-hexagon = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-armeb = enabled
fs.binfmt_misc.qemu-armeb = interpreter /usr/bin/qemu-armeb-static
fs.binfmt_misc.qemu-armeb = flags: F
fs.binfmt_misc.qemu-armeb = offset 0
fs.binfmt_misc.qemu-armeb = magic 7f454c4601020100000000000000000000020028
fs.binfmt_misc.qemu-armeb = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-arm = enabled
fs.binfmt_misc.qemu-arm = interpreter /usr/bin/qemu-arm-static
fs.binfmt_misc.qemu-arm = flags: F
fs.binfmt_misc.qemu-arm = offset 0
fs.binfmt_misc.qemu-arm = magic 7f454c4601010100000000000000000002002800
fs.binfmt_misc.qemu-arm = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-alpha = enabled
fs.binfmt_misc.qemu-alpha = interpreter /usr/bin/qemu-alpha-static
fs.binfmt_misc.qemu-alpha = flags: F
fs.binfmt_misc.qemu-alpha = offset 0
fs.binfmt_misc.qemu-alpha = magic 7f454c4602010100000000000000000002002690
fs.binfmt_misc.qemu-alpha = mask fffffffffffefe00fffffffffffffffffeffffff
fs.binfmt_misc.qemu-aarch64_be = enabled
fs.binfmt_misc.qemu-aarch64_be = interpreter /usr/bin/qemu-aarch64_be-static
fs.binfmt_misc.qemu-aarch64_be = flags: F
fs.binfmt_misc.qemu-aarch64_be = offset 0
fs.binfmt_misc.qemu-aarch64_be = magic 7f454c46020201000000000000000000000200b7
fs.binfmt_misc.qemu-aarch64_be = mask ffffffffffffff00fffffffffffffffffffeffff
fs.binfmt_misc.qemu-aarch64 = enabled
fs.binfmt_misc.qemu-aarch64 = interpreter /usr/bin/qemu-aarch64-static
fs.binfmt_misc.qemu-aarch64 = flags: F
fs.binfmt_misc.qemu-aarch64 = offset 0
fs.binfmt_misc.qemu-aarch64 = magic 7f454c460201010000000000000000000200b700
fs.binfmt_misc.qemu-aarch64 = mask ffffffffffffff00fffffffffffffffffeffffff
fs.binfmt_misc.status = enabled
fs.dentry-state =
96160 60449 45 0 18216
0
fs.dentry-state =
371268 317893 45 0 59993
0
fs.dir-notify-enable = 1
fs.epoll.max_user_watches = 17
67869
fs.epoll.max_user_watches = 17
79801
fs.fanotify.max_queued_events = 16384
fs.fanotify.max_user_groups = 128
fs.fanotify.max_user_marks = 64
337
fs.file-max =
9223372036854775807
fs.file-nr =
16182 0 9223372036854775807
fs.inode-nr =
78029 667
fs.inode-state =
78029 667
0 0 0 0 0
fs.fanotify.max_user_marks = 64
771
fs.file-max =
1000000
fs.file-nr =
3552 0 1000000
fs.inode-nr =
318298 27310
fs.inode-state =
318298 27310
0 0 0 0 0
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 128
fs.inotify.max_user_watches = 60
507
fs.inotify.max_user_watches = 60
915
fs.lease-break-time = 45
fs.leases-enable = 1
fs.mount-max = 100000
...
...
@@ -254,7 +62,7 @@ fs.mqueue.msg_max = 10
fs.mqueue.msgsize_default = 8192
fs.mqueue.msgsize_max = 8192
fs.mqueue.queues_max = 256
fs.nr_open = 10
7374181
6
fs.nr_open = 10
4857
6
fs.overflowgid = 65534
fs.overflowuid = 65534
fs.pipe-max-size = 1048576
...
...
@@ -262,7 +70,7 @@ fs.pipe-user-pages-hard = 0
fs.pipe-user-pages-soft = 16384
fs.protected_fifos = 1
fs.protected_hardlinks = 1
fs.protected_regular =
1
fs.protected_regular =
2
fs.protected_symlinks = 1
fs.quota.allocated_dquots = 0
fs.quota.cache_hits = 0
...
...
@@ -270,23 +78,24 @@ fs.quota.drops = 0
fs.quota.free_dquots = 0
fs.quota.lookups = 0
fs.quota.reads = 0
fs.quota.syncs =
2
8
fs.quota.syncs = 8
fs.quota.writes = 0
fs.suid_dumpable = 2
fs.verity.require_signatures = 0
kernel.acct = 4 2 30
kernel.acpi_video_flags = 0
kernel.a
rch = x86_64
kernel.a
pparmor_display_secid_mode = 0
kernel.auto_msgmni = 0
kernel.bootloader_type =
6
kernel.bootloader_version =
38
kernel.bootloader_type =
114
kernel.bootloader_version =
2
kernel.bpf_stats_enabled = 0
kernel.cad_pid = 1
kernel.cap_last_cap = 40
kernel.core_pattern = |/usr/
lib/systemd/systemd-coredump %P %u %g %s %t %c %h
kernel.core_pipe_limit =
16
kernel.core_pattern = |/usr/
share/apport/apport %p %s %c %d %P %E
kernel.core_pipe_limit =
0
kernel.core_uses_pid = 1
kernel.ctrl-alt-del = 0
kernel.dmesg_restrict =
0
kernel.dmesg_restrict =
1
kernel.domainname = (none)
kernel.firmware_config.force_sysfs_fallback = 0
kernel.firmware_config.ignore_sysfs_fallback = 0
...
...
@@ -294,22 +103,26 @@ kernel.ftrace_dump_on_oops = 0
kernel.ftrace_enabled = 1
kernel.hardlockup_all_cpu_backtrace = 0
kernel.hardlockup_panic = 0
kernel.hostname = hackbase
kernel.io_delay_type = 0
kernel.hostname = u2204oval
kernel.hotplug =
kernel.hung_task_all_cpu_backtrace = 0
kernel.hung_task_check_count = 4194304
kernel.hung_task_check_interval_secs = 0
kernel.hung_task_panic = 0
kernel.hung_task_timeout_secs = 120
kernel.hung_task_warnings = 10
kernel.io_delay_type = 1
kernel.kexec_load_disabled = 0
kernel.kexec_load_limit_panic = -1
kernel.kexec_load_limit_reboot = -1
kernel.keys.gc_delay = 300
kernel.keys.maxbytes = 20000
kernel.keys.maxkeys = 200
kernel.keys.persistent_keyring_expiry = 259200
kernel.keys.root_maxbytes = 25000000
kernel.keys.root_maxkeys = 1000000
kernel.kptr_restrict = 0
kernel.latencytop = 0
kernel.kptr_restrict = 1
kernel.max_lock_depth = 1024
kernel.max_rcu_stall_to_panic = 0
kernel.modprobe = /
usr/
sbin/modprobe
kernel.modprobe = /sbin/modprobe
kernel.modules_disabled = 0
kernel.msg_next_id = -1
kernel.msgmax = 8192
...
...
@@ -317,12 +130,10 @@ kernel.msgmnb = 16384
kernel.msgmni = 32000
kernel.ngroups_max = 65536
kernel.nmi_watchdog = 0
kernel.ns_last_pid =
48542
kernel.ns_last_pid =
2810585
kernel.numa_balancing = 0
kernel.numa_balancing_promote_rate_limit_MBps = 65536
kernel.oops_all_cpu_backtrace = 0
kernel.oops_limit = 10000
kernel.osrelease = 6.4.8-200.fc38.x86_64
kernel.osrelease = 5.15.0-25-generic
kernel.ostype = Linux
kernel.overflowgid = 65534
kernel.overflowuid = 65534
...
...
@@ -338,24 +149,24 @@ kernel.perf_event_max_contexts_per_stack = 8
kernel.perf_event_max_sample_rate = 100000
kernel.perf_event_max_stack = 127
kernel.perf_event_mlock_kb = 516
kernel.perf_event_paranoid =
2
kernel.perf_event_paranoid =
4
kernel.pid_max = 4194304
kernel.poweroff_cmd = /sbin/poweroff
kernel.print-fatal-signals = 0
kernel.printk =
3
4 1 7
kernel.printk =
4
4 1 7
kernel.printk_delay = 0
kernel.printk_devkmsg = on
kernel.printk_ratelimit = 5
kernel.printk_ratelimit_burst = 10
kernel.pty.max = 4096
kernel.pty.nr =
3
kernel.pty.nr =
1
kernel.pty.reserve = 1024
kernel.random.boot_id =
a3fc96e7-cd1a-4216-ac1f-99485abfbaac
kernel.random.entropy_avail =
256
kernel.random.poolsize =
25
6
kernel.random.boot_id =
22aedd89-1172-4dbf-8984-99343adac9be
kernel.random.entropy_avail =
3451
kernel.random.poolsize =
409
6
kernel.random.urandom_min_reseed_secs = 60
kernel.random.uuid =
9f8b5443-1ebf-4bbe-b291-3765969e3049
kernel.random.write_wakeup_threshold =
25
6
kernel.random.uuid =
5dbb0c08-8fd4-4537-bc4b-339cd0830e85
kernel.random.write_wakeup_threshold =
89
6
kernel.randomize_va_space = 2
kernel.real-root-dev = 0
kernel.sched_autogroup_enabled = 1
...
...
@@ -368,42 +179,52 @@ kernel.sched_rr_timeslice_ms = 100
kernel.sched_rt_period_us = 1000000
kernel.sched_rt_runtime_us = 950000
kernel.sched_schedstats = 0
kernel.sched_util_clamp_max = 1024
kernel.sched_util_clamp_min = 1024
kernel.sched_util_clamp_min_rt_default = 1024
kernel.seccomp.actions_avail = kill_process kill_thread trap errno user_notif trace log allow
kernel.seccomp.actions_logged = kill_process kill_thread trap errno user_notif trace log
kernel.sem =
32000 1024000000 500 32000
kernel.sem =
250 32000 32 275
kernel.sem_next_id = -1
kernel.sg-big-buff = 32768
kernel.shm_next_id = -1
kernel.shm_rmid_forced = 0
kernel.shmall =
18446744073692774399
kernel.shmmax = 1
8446744073692774399
kernel.shmall =
4194304
kernel.shmmax = 1
7179869184
kernel.shmmni = 4096
kernel.soft_watchdog = 1
kernel.softlockup_all_cpu_backtrace = 0
kernel.softlockup_panic = 0
kernel.split_lock_mitigate = 1
kernel.stack_tracer_enabled = 0
kernel.sysctl_writes_strict = 1
kernel.sysrq = 16
kernel.sysrq = 1
7
6
kernel.tainted = 0
kernel.task_delayacct = 0
kernel.threads-max = 62
043
kernel.threads-max = 62
462
kernel.timer_migration = 1
kernel.traceoff_on_warning = 0
kernel.tracepoint_printk = 0
kernel.unknown_nmi_panic = 0
kernel.unprivileged_bpf_disabled = 1
kernel.unprivileged_bpf_disabled = 2
kernel.unprivileged_userns_apparmor_policy = 1
kernel.unprivileged_userns_clone = 1
kernel.usermodehelper.bset = 4294967295 511
kernel.usermodehelper.inheritable = 4294967295 511
kernel.version = #1 SMP PREEMPT_DYNAMIC Thu Aug 3 21:44:06 UTC 2023
kernel.warn_limit = 0
kernel.version = #25-Ubuntu SMP Wed Mar 30 15:54:22 UTC 2022
kernel.watchdog = 1
kernel.watchdog_cpumask = 0-
3
kernel.watchdog_cpumask = 0-
127
kernel.watchdog_thresh = 10
kernel.yama.ptrace_scope = 0
kernel.yama.ptrace_scope = 1
net.bridge.bridge-nf-call-arptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-filter-pppoe-tagged = 0
net.bridge.bridge-nf-filter-vlan-tagged = 0
net.bridge.bridge-nf-pass-vlan-input-dev = 0
net.core.bpf_jit_enable = 1
net.core.bpf_jit_harden = 0
net.core.bpf_jit_kallsyms = 1
net.core.bpf_jit_limit =
528482304
net.core.bpf_jit_limit =
264241152
net.core.busy_poll = 0
net.core.busy_read = 0
net.core.default_qdisc = fq_codel
...
...
@@ -412,7 +233,7 @@ net.core.dev_weight_rx_bias = 1
net.core.dev_weight_tx_bias = 1
net.core.devconf_inherit_init_net = 0
net.core.fb_tunnels_only_for_init_net = 0
net.core.flow_limit_cpu_bitmap = 0
net.core.flow_limit_cpu_bitmap = 0
0000000,00000000,00000000,00000000
net.core.flow_limit_table_len = 4096
net.core.gro_normal_batch = 8
net.core.high_order_alloc_disable = 0
...
...
@@ -420,20 +241,17 @@ net.core.max_skb_frags = 17
net.core.message_burst = 10
net.core.message_cost = 5
net.core.netdev_budget = 300
net.core.netdev_budget_usecs =
2
000
net.core.netdev_budget_usecs =
8
000
net.core.netdev_max_backlog = 1000
net.core.netdev_rss_key =
07:7f:94:66:b3:d5:a3:4d:3a:9a:25:9a:b7:19:93:8d:25:ea:b3:83:32:1f:13:87:5d:f9:f9:14:60:ec:0b:1c:b8:d3:b0:a9:e7:70:97:a1:ce:c8:ef:82:9c:f3:a2:18:fc:4f:4c:24
net.core.netdev_rss_key =
e1:ca:53:a8:12:b0:cc:46:ba:45:59:ad:99:fd:56:e3:0d:e3:d5:91:46:60:f8:3c:e0:7b:32:6a:00:ea:44:73:07:1e:2a:3f:9c:1d:32:3b:3e:12:ed:0b:5c:35:82:30:71:0c:69:73
net.core.netdev_tstamp_prequeue = 1
net.core.netdev_unregister_timeout_secs = 10
net.core.optmem_max =
8192
0
net.core.optmem_max =
2048
0
net.core.rmem_default = 212992
net.core.rmem_max = 212992
net.core.rps_default_mask = 0
net.core.rps_sock_flow_entries = 0
net.core.skb_defer_max = 64
net.core.somaxconn = 4096
net.core.somaxconn = 1024
net.core.tstamp_allow_data = 1
net.core.txrehash = 1
net.core.warnings = 0
net.core.wmem_default = 212992
net.core.wmem_max = 212992
...
...
@@ -450,7 +268,6 @@ net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.arp_accept = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.all.arp_evict_nocarrier = 1
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_notify = 0
...
...
@@ -472,7 +289,7 @@ net.ipv4.conf.all.promote_secondaries = 0
net.ipv4.conf.all.proxy_arp = 0
net.ipv4.conf.all.proxy_arp_pvlan = 0
net.ipv4.conf.all.route_localnet = 0
net.ipv4.conf.all.rp_filter =
0
net.ipv4.conf.all.rp_filter =
2
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.all.send_redirects = 1
net.ipv4.conf.all.shared_media = 1
...
...
@@ -483,7 +300,6 @@ net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.arp_accept = 0
net.ipv4.conf.default.arp_announce = 0
net.ipv4.conf.default.arp_evict_nocarrier = 1
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.arp_ignore = 0
net.ipv4.conf.default.arp_notify = 0
...
...
@@ -511,45 +327,75 @@ net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.default.shared_media = 1
net.ipv4.conf.default.src_valid_mark = 0
net.ipv4.conf.default.tag = 0
net.ipv4.conf.enp0s31f6.accept_local = 0
net.ipv4.conf.enp0s31f6.accept_redirects = 1
net.ipv4.conf.enp0s31f6.accept_source_route = 0
net.ipv4.conf.enp0s31f6.arp_accept = 0
net.ipv4.conf.enp0s31f6.arp_announce = 0
net.ipv4.conf.enp0s31f6.arp_evict_nocarrier = 1
net.ipv4.conf.enp0s31f6.arp_filter = 0
net.ipv4.conf.enp0s31f6.arp_ignore = 0
net.ipv4.conf.enp0s31f6.arp_notify = 0
net.ipv4.conf.enp0s31f6.bc_forwarding = 0
net.ipv4.conf.enp0s31f6.bootp_relay = 0
net.ipv4.conf.enp0s31f6.disable_policy = 0
net.ipv4.conf.enp0s31f6.disable_xfrm = 0
net.ipv4.conf.enp0s31f6.drop_gratuitous_arp = 0
net.ipv4.conf.enp0s31f6.drop_unicast_in_l2_multicast = 0
net.ipv4.conf.enp0s31f6.force_igmp_version = 0
net.ipv4.conf.enp0s31f6.forwarding = 1
net.ipv4.conf.enp0s31f6.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.enp0s31f6.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.enp0s31f6.ignore_routes_with_linkdown = 0
net.ipv4.conf.enp0s31f6.log_martians = 0
net.ipv4.conf.enp0s31f6.mc_forwarding = 0
net.ipv4.conf.enp0s31f6.medium_id = 0
net.ipv4.conf.enp0s31f6.promote_secondaries = 1
net.ipv4.conf.enp0s31f6.proxy_arp = 0
net.ipv4.conf.enp0s31f6.proxy_arp_pvlan = 0
net.ipv4.conf.enp0s31f6.route_localnet = 0
net.ipv4.conf.enp0s31f6.rp_filter = 2
net.ipv4.conf.enp0s31f6.secure_redirects = 1
net.ipv4.conf.enp0s31f6.send_redirects = 1
net.ipv4.conf.enp0s31f6.shared_media = 1
net.ipv4.conf.enp0s31f6.src_valid_mark = 0
net.ipv4.conf.enp0s31f6.tag = 0
net.ipv4.conf.docker0.accept_local = 0
net.ipv4.conf.docker0.accept_redirects = 1
net.ipv4.conf.docker0.accept_source_route = 0
net.ipv4.conf.docker0.arp_accept = 0
net.ipv4.conf.docker0.arp_announce = 0
net.ipv4.conf.docker0.arp_filter = 0
net.ipv4.conf.docker0.arp_ignore = 0
net.ipv4.conf.docker0.arp_notify = 0
net.ipv4.conf.docker0.bc_forwarding = 0
net.ipv4.conf.docker0.bootp_relay = 0
net.ipv4.conf.docker0.disable_policy = 0
net.ipv4.conf.docker0.disable_xfrm = 0
net.ipv4.conf.docker0.drop_gratuitous_arp = 0
net.ipv4.conf.docker0.drop_unicast_in_l2_multicast = 0
net.ipv4.conf.docker0.force_igmp_version = 0
net.ipv4.conf.docker0.forwarding = 1
net.ipv4.conf.docker0.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.docker0.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.docker0.ignore_routes_with_linkdown = 0
net.ipv4.conf.docker0.log_martians = 0
net.ipv4.conf.docker0.mc_forwarding = 0
net.ipv4.conf.docker0.medium_id = 0
net.ipv4.conf.docker0.promote_secondaries = 1
net.ipv4.conf.docker0.proxy_arp = 0
net.ipv4.conf.docker0.proxy_arp_pvlan = 0
net.ipv4.conf.docker0.route_localnet = 0
net.ipv4.conf.docker0.rp_filter = 2
net.ipv4.conf.docker0.secure_redirects = 1
net.ipv4.conf.docker0.send_redirects = 1
net.ipv4.conf.docker0.shared_media = 1
net.ipv4.conf.docker0.src_valid_mark = 0
net.ipv4.conf.docker0.tag = 0
net.ipv4.conf.ens160.accept_local = 0
net.ipv4.conf.ens160.accept_redirects = 1
net.ipv4.conf.ens160.accept_source_route = 0
net.ipv4.conf.ens160.arp_accept = 0
net.ipv4.conf.ens160.arp_announce = 0
net.ipv4.conf.ens160.arp_filter = 0
net.ipv4.conf.ens160.arp_ignore = 0
net.ipv4.conf.ens160.arp_notify = 0
net.ipv4.conf.ens160.bc_forwarding = 0
net.ipv4.conf.ens160.bootp_relay = 0
net.ipv4.conf.ens160.disable_policy = 0
net.ipv4.conf.ens160.disable_xfrm = 0
net.ipv4.conf.ens160.drop_gratuitous_arp = 0
net.ipv4.conf.ens160.drop_unicast_in_l2_multicast = 0
net.ipv4.conf.ens160.force_igmp_version = 0
net.ipv4.conf.ens160.forwarding = 1
net.ipv4.conf.ens160.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.ens160.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.ens160.ignore_routes_with_linkdown = 0
net.ipv4.conf.ens160.log_martians = 0
net.ipv4.conf.ens160.mc_forwarding = 0
net.ipv4.conf.ens160.medium_id = 0
net.ipv4.conf.ens160.promote_secondaries = 1
net.ipv4.conf.ens160.proxy_arp = 0
net.ipv4.conf.ens160.proxy_arp_pvlan = 0
net.ipv4.conf.ens160.route_localnet = 0
net.ipv4.conf.ens160.rp_filter = 2
net.ipv4.conf.ens160.secure_redirects = 1
net.ipv4.conf.ens160.send_redirects = 1
net.ipv4.conf.ens160.shared_media = 1
net.ipv4.conf.ens160.src_valid_mark = 0
net.ipv4.conf.ens160.tag = 0
net.ipv4.conf.lo.accept_local = 0
net.ipv4.conf.lo.accept_redirects = 1
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.lo.arp_accept = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.lo.arp_evict_nocarrier = 1
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_notify = 0
...
...
@@ -577,105 +423,6 @@ net.ipv4.conf.lo.send_redirects = 1
net.ipv4.conf.lo.shared_media = 1
net.ipv4.conf.lo.src_valid_mark = 0
net.ipv4.conf.lo.tag = 0
net.ipv4.conf.tun0.accept_local = 0
net.ipv4.conf.tun0.accept_redirects = 1
net.ipv4.conf.tun0.accept_source_route = 0
net.ipv4.conf.tun0.arp_accept = 0
net.ipv4.conf.tun0.arp_announce = 0
net.ipv4.conf.tun0.arp_evict_nocarrier = 1
net.ipv4.conf.tun0.arp_filter = 0
net.ipv4.conf.tun0.arp_ignore = 0
net.ipv4.conf.tun0.arp_notify = 0
net.ipv4.conf.tun0.bc_forwarding = 0
net.ipv4.conf.tun0.bootp_relay = 0
net.ipv4.conf.tun0.disable_policy = 0
net.ipv4.conf.tun0.disable_xfrm = 0
net.ipv4.conf.tun0.drop_gratuitous_arp = 0
net.ipv4.conf.tun0.drop_unicast_in_l2_multicast = 0
net.ipv4.conf.tun0.force_igmp_version = 0
net.ipv4.conf.tun0.forwarding = 1
net.ipv4.conf.tun0.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.tun0.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.tun0.ignore_routes_with_linkdown = 0
net.ipv4.conf.tun0.log_martians = 0
net.ipv4.conf.tun0.mc_forwarding = 0
net.ipv4.conf.tun0.medium_id = 0
net.ipv4.conf.tun0.promote_secondaries = 1
net.ipv4.conf.tun0.proxy_arp = 0
net.ipv4.conf.tun0.proxy_arp_pvlan = 0
net.ipv4.conf.tun0.route_localnet = 0
net.ipv4.conf.tun0.rp_filter = 2
net.ipv4.conf.tun0.secure_redirects = 1
net.ipv4.conf.tun0.send_redirects = 1
net.ipv4.conf.tun0.shared_media = 1
net.ipv4.conf.tun0.src_valid_mark = 0
net.ipv4.conf.tun0.tag = 0
net.ipv4.conf.virbr0.accept_local = 0
net.ipv4.conf.virbr0.accept_redirects = 1
net.ipv4.conf.virbr0.accept_source_route = 0
net.ipv4.conf.virbr0.arp_accept = 0
net.ipv4.conf.virbr0.arp_announce = 0
net.ipv4.conf.virbr0.arp_evict_nocarrier = 1
net.ipv4.conf.virbr0.arp_filter = 0
net.ipv4.conf.virbr0.arp_ignore = 0
net.ipv4.conf.virbr0.arp_notify = 0
net.ipv4.conf.virbr0.bc_forwarding = 0
net.ipv4.conf.virbr0.bootp_relay = 0
net.ipv4.conf.virbr0.disable_policy = 0
net.ipv4.conf.virbr0.disable_xfrm = 0
net.ipv4.conf.virbr0.drop_gratuitous_arp = 0
net.ipv4.conf.virbr0.drop_unicast_in_l2_multicast = 0
net.ipv4.conf.virbr0.force_igmp_version = 0
net.ipv4.conf.virbr0.forwarding = 1
net.ipv4.conf.virbr0.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.virbr0.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.virbr0.ignore_routes_with_linkdown = 0
net.ipv4.conf.virbr0.log_martians = 0
net.ipv4.conf.virbr0.mc_forwarding = 0
net.ipv4.conf.virbr0.medium_id = 0
net.ipv4.conf.virbr0.promote_secondaries = 1
net.ipv4.conf.virbr0.proxy_arp = 0
net.ipv4.conf.virbr0.proxy_arp_pvlan = 0
net.ipv4.conf.virbr0.route_localnet = 0
net.ipv4.conf.virbr0.rp_filter = 2
net.ipv4.conf.virbr0.secure_redirects = 1
net.ipv4.conf.virbr0.send_redirects = 1
net.ipv4.conf.virbr0.shared_media = 1
net.ipv4.conf.virbr0.src_valid_mark = 0
net.ipv4.conf.virbr0.tag = 0
net.ipv4.conf.wlp4s0.accept_local = 0
net.ipv4.conf.wlp4s0.accept_redirects = 1
net.ipv4.conf.wlp4s0.accept_source_route = 0
net.ipv4.conf.wlp4s0.arp_accept = 0
net.ipv4.conf.wlp4s0.arp_announce = 0
net.ipv4.conf.wlp4s0.arp_evict_nocarrier = 1
net.ipv4.conf.wlp4s0.arp_filter = 0
net.ipv4.conf.wlp4s0.arp_ignore = 0
net.ipv4.conf.wlp4s0.arp_notify = 0
net.ipv4.conf.wlp4s0.bc_forwarding = 0
net.ipv4.conf.wlp4s0.bootp_relay = 0
net.ipv4.conf.wlp4s0.disable_policy = 0
net.ipv4.conf.wlp4s0.disable_xfrm = 0
net.ipv4.conf.wlp4s0.drop_gratuitous_arp = 0
net.ipv4.conf.wlp4s0.drop_unicast_in_l2_multicast = 0
net.ipv4.conf.wlp4s0.force_igmp_version = 0
net.ipv4.conf.wlp4s0.forwarding = 1
net.ipv4.conf.wlp4s0.igmpv2_unsolicited_report_interval = 10000
net.ipv4.conf.wlp4s0.igmpv3_unsolicited_report_interval = 1000
net.ipv4.conf.wlp4s0.ignore_routes_with_linkdown = 0
net.ipv4.conf.wlp4s0.log_martians = 0
net.ipv4.conf.wlp4s0.mc_forwarding = 0
net.ipv4.conf.wlp4s0.medium_id = 0
net.ipv4.conf.wlp4s0.promote_secondaries = 1
net.ipv4.conf.wlp4s0.proxy_arp = 0
net.ipv4.conf.wlp4s0.proxy_arp_pvlan = 0
net.ipv4.conf.wlp4s0.route_localnet = 0
net.ipv4.conf.wlp4s0.rp_filter = 2
net.ipv4.conf.wlp4s0.secure_redirects = 1
net.ipv4.conf.wlp4s0.send_redirects = 1
net.ipv4.conf.wlp4s0.shared_media = 1
net.ipv4.conf.wlp4s0.src_valid_mark = 0
net.ipv4.conf.wlp4s0.tag = 0
net.ipv4.fib_multipath_hash_fields = 7
net.ipv4.fib_multipath_hash_policy = 0
net.ipv4.fib_multipath_use_neigh = 0
...
...
@@ -724,7 +471,6 @@ net.ipv4.neigh.default.gc_stale_time = 60
net.ipv4.neigh.default.gc_thresh1 = 128
net.ipv4.neigh.default.gc_thresh2 = 512
net.ipv4.neigh.default.gc_thresh3 = 1024
net.ipv4.neigh.default.interval_probe_time_ms = 5000
net.ipv4.neigh.default.locktime = 100
net.ipv4.neigh.default.mcast_resolicit = 0
net.ipv4.neigh.default.mcast_solicit = 3
...
...
@@ -734,27 +480,39 @@ net.ipv4.neigh.default.retrans_time_ms = 1000
net.ipv4.neigh.default.ucast_solicit = 3
net.ipv4.neigh.default.unres_qlen = 101
net.ipv4.neigh.default.unres_qlen_bytes = 212992
net.ipv4.neigh.enp0s31f6.anycast_delay = 100
net.ipv4.neigh.enp0s31f6.app_solicit = 0
net.ipv4.neigh.enp0s31f6.base_reachable_time_ms = 30000
net.ipv4.neigh.enp0s31f6.delay_first_probe_time = 5
net.ipv4.neigh.enp0s31f6.gc_stale_time = 60
net.ipv4.neigh.enp0s31f6.interval_probe_time_ms = 5000
net.ipv4.neigh.enp0s31f6.locktime = 100
net.ipv4.neigh.enp0s31f6.mcast_resolicit = 0
net.ipv4.neigh.enp0s31f6.mcast_solicit = 3
net.ipv4.neigh.enp0s31f6.proxy_delay = 80
net.ipv4.neigh.enp0s31f6.proxy_qlen = 64
net.ipv4.neigh.enp0s31f6.retrans_time_ms = 1000
net.ipv4.neigh.enp0s31f6.ucast_solicit = 3
net.ipv4.neigh.enp0s31f6.unres_qlen = 101
net.ipv4.neigh.enp0s31f6.unres_qlen_bytes = 212992
net.ipv4.neigh.docker0.anycast_delay = 100
net.ipv4.neigh.docker0.app_solicit = 0
net.ipv4.neigh.docker0.base_reachable_time_ms = 30000
net.ipv4.neigh.docker0.delay_first_probe_time = 5
net.ipv4.neigh.docker0.gc_stale_time = 60
net.ipv4.neigh.docker0.locktime = 100
net.ipv4.neigh.docker0.mcast_resolicit = 0
net.ipv4.neigh.docker0.mcast_solicit = 3
net.ipv4.neigh.docker0.proxy_delay = 80
net.ipv4.neigh.docker0.proxy_qlen = 64
net.ipv4.neigh.docker0.retrans_time_ms = 1000
net.ipv4.neigh.docker0.ucast_solicit = 3
net.ipv4.neigh.docker0.unres_qlen = 101
net.ipv4.neigh.docker0.unres_qlen_bytes = 212992
net.ipv4.neigh.ens160.anycast_delay = 100
net.ipv4.neigh.ens160.app_solicit = 0
net.ipv4.neigh.ens160.base_reachable_time_ms = 30000
net.ipv4.neigh.ens160.delay_first_probe_time = 5
net.ipv4.neigh.ens160.gc_stale_time = 60
net.ipv4.neigh.ens160.locktime = 100
net.ipv4.neigh.ens160.mcast_resolicit = 0
net.ipv4.neigh.ens160.mcast_solicit = 3
net.ipv4.neigh.ens160.proxy_delay = 80
net.ipv4.neigh.ens160.proxy_qlen = 64
net.ipv4.neigh.ens160.retrans_time_ms = 1000
net.ipv4.neigh.ens160.ucast_solicit = 3
net.ipv4.neigh.ens160.unres_qlen = 101
net.ipv4.neigh.ens160.unres_qlen_bytes = 212992
net.ipv4.neigh.lo.anycast_delay = 100
net.ipv4.neigh.lo.app_solicit = 0
net.ipv4.neigh.lo.base_reachable_time_ms = 30000
net.ipv4.neigh.lo.delay_first_probe_time = 5
net.ipv4.neigh.lo.gc_stale_time = 60
net.ipv4.neigh.lo.interval_probe_time_ms = 5000
net.ipv4.neigh.lo.locktime = 100
net.ipv4.neigh.lo.mcast_resolicit = 0
net.ipv4.neigh.lo.mcast_solicit = 3
...
...
@@ -764,56 +522,11 @@ net.ipv4.neigh.lo.retrans_time_ms = 1000
net.ipv4.neigh.lo.ucast_solicit = 3
net.ipv4.neigh.lo.unres_qlen = 101
net.ipv4.neigh.lo.unres_qlen_bytes = 212992
net.ipv4.neigh.tun0.anycast_delay = 100
net.ipv4.neigh.tun0.app_solicit = 0
net.ipv4.neigh.tun0.base_reachable_time_ms = 30000
net.ipv4.neigh.tun0.delay_first_probe_time = 5
net.ipv4.neigh.tun0.gc_stale_time = 60
net.ipv4.neigh.tun0.interval_probe_time_ms = 5000
net.ipv4.neigh.tun0.locktime = 100
net.ipv4.neigh.tun0.mcast_resolicit = 0
net.ipv4.neigh.tun0.mcast_solicit = 3
net.ipv4.neigh.tun0.proxy_delay = 80
net.ipv4.neigh.tun0.proxy_qlen = 64
net.ipv4.neigh.tun0.retrans_time_ms = 1000
net.ipv4.neigh.tun0.ucast_solicit = 3
net.ipv4.neigh.tun0.unres_qlen = 101
net.ipv4.neigh.tun0.unres_qlen_bytes = 212992
net.ipv4.neigh.virbr0.anycast_delay = 100
net.ipv4.neigh.virbr0.app_solicit = 0
net.ipv4.neigh.virbr0.base_reachable_time_ms = 30000
net.ipv4.neigh.virbr0.delay_first_probe_time = 5
net.ipv4.neigh.virbr0.gc_stale_time = 60
net.ipv4.neigh.virbr0.interval_probe_time_ms = 5000
net.ipv4.neigh.virbr0.locktime = 100
net.ipv4.neigh.virbr0.mcast_resolicit = 0
net.ipv4.neigh.virbr0.mcast_solicit = 3
net.ipv4.neigh.virbr0.proxy_delay = 80
net.ipv4.neigh.virbr0.proxy_qlen = 64
net.ipv4.neigh.virbr0.retrans_time_ms = 1000
net.ipv4.neigh.virbr0.ucast_solicit = 3
net.ipv4.neigh.virbr0.unres_qlen = 101
net.ipv4.neigh.virbr0.unres_qlen_bytes = 212992
net.ipv4.neigh.wlp4s0.anycast_delay = 100
net.ipv4.neigh.wlp4s0.app_solicit = 0
net.ipv4.neigh.wlp4s0.base_reachable_time_ms = 30000
net.ipv4.neigh.wlp4s0.delay_first_probe_time = 5
net.ipv4.neigh.wlp4s0.gc_stale_time = 60
net.ipv4.neigh.wlp4s0.interval_probe_time_ms = 5000
net.ipv4.neigh.wlp4s0.locktime = 100
net.ipv4.neigh.wlp4s0.mcast_resolicit = 0
net.ipv4.neigh.wlp4s0.mcast_solicit = 3
net.ipv4.neigh.wlp4s0.proxy_delay = 80
net.ipv4.neigh.wlp4s0.proxy_qlen = 64
net.ipv4.neigh.wlp4s0.retrans_time_ms = 1000
net.ipv4.neigh.wlp4s0.ucast_solicit = 3
net.ipv4.neigh.wlp4s0.unres_qlen = 101
net.ipv4.neigh.wlp4s0.unres_qlen_bytes = 212992
net.ipv4.nexthop_compat_mode = 1
net.ipv4.ping_group_range = 0 2147483647
net.ipv4.raw_l3mdev_accept = 1
net.ipv4.route.error_burst =
500
0
net.ipv4.route.error_cost =
100
0
net.ipv4.route.error_burst =
125
0
net.ipv4.route.error_cost =
25
0
net.ipv4.route.gc_elasticity = 8
net.ipv4.route.gc_interval = 60
net.ipv4.route.gc_min_interval = 0
...
...
@@ -824,19 +537,18 @@ net.ipv4.route.max_size = 2147483647
net.ipv4.route.min_adv_mss = 256
net.ipv4.route.min_pmtu = 552
net.ipv4.route.mtu_expires = 600
net.ipv4.route.redirect_load =
20
net.ipv4.route.redirect_load =
5
net.ipv4.route.redirect_number = 9
net.ipv4.route.redirect_silence =
2048
0
net.ipv4.route.redirect_silence =
512
0
net.ipv4.tcp_abort_on_overflow = 0
net.ipv4.tcp_adv_win_scale = 1
net.ipv4.tcp_allowed_congestion_control = reno cubic
net.ipv4.tcp_app_win = 31
net.ipv4.tcp_autocorking = 1
net.ipv4.tcp_available_congestion_control = reno cubic
net.ipv4.tcp_available_ulp = espintcp mptcp
net.ipv4.tcp_available_ulp = espintcp mptcp
tls
net.ipv4.tcp_base_mss = 1024
net.ipv4.tcp_challenge_ack_limit = 2147483647
net.ipv4.tcp_child_ehash_entries = 0
net.ipv4.tcp_challenge_ack_limit = 1000
net.ipv4.tcp_comp_sack_delay_ns = 1000000
net.ipv4.tcp_comp_sack_nr = 44
net.ipv4.tcp_comp_sack_slack_ns = 100000
...
...
@@ -846,11 +558,10 @@ net.ipv4.tcp_early_demux = 1
net.ipv4.tcp_early_retrans = 3
net.ipv4.tcp_ecn = 2
net.ipv4.tcp_ecn_fallback = 1
net.ipv4.tcp_ehash_entries = 65536
net.ipv4.tcp_fack = 0
net.ipv4.tcp_fastopen = 1
net.ipv4.tcp_fastopen_blackhole_timeout_sec = 0
net.ipv4.tcp_fastopen_key =
5b768f20-7ae5f60c-35336305-fe5cb91e
net.ipv4.tcp_fastopen_key =
23d4bc1a-67678cb7-969bbf8f-f04ed254
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_frto = 2
net.ipv4.tcp_fwmark_accept = 0
...
...
@@ -865,7 +576,7 @@ net.ipv4.tcp_max_orphans = 32768
net.ipv4.tcp_max_reordering = 300
net.ipv4.tcp_max_syn_backlog = 512
net.ipv4.tcp_max_tw_buckets = 32768
net.ipv4.tcp_mem = 9
1878 122504 183756
net.ipv4.tcp_mem = 9
2505 123341 185010
net.ipv4.tcp_migrate_req = 0
net.ipv4.tcp_min_rtt_wlen = 300
net.ipv4.tcp_min_snd_mss = 48
...
...
@@ -879,11 +590,6 @@ net.ipv4.tcp_notsent_lowat = 4294967295
net.ipv4.tcp_orphan_retries = 0
net.ipv4.tcp_pacing_ca_ratio = 120
net.ipv4.tcp_pacing_ss_ratio = 200
net.ipv4.tcp_plb_cong_thresh = 128
net.ipv4.tcp_plb_enabled = 0
net.ipv4.tcp_plb_idle_rehash_rounds = 3
net.ipv4.tcp_plb_rehash_rounds = 12
net.ipv4.tcp_plb_suspend_rto_sec = 60
net.ipv4.tcp_probe_interval = 600
net.ipv4.tcp_probe_threshold = 8
net.ipv4.tcp_recovery = 1
...
...
@@ -894,6 +600,7 @@ net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_rmem = 4096 131072 6291456
net.ipv4.tcp_rx_skb_cache = 0
net.ipv4.tcp_sack = 1
net.ipv4.tcp_slow_start_after_idle = 1
net.ipv4.tcp_stdurg = 0
...
...
@@ -902,17 +609,15 @@ net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_thin_linear_timeouts = 0
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_tso_rtt_log = 9
net.ipv4.tcp_tso_win_divisor = 3
net.ipv4.tcp_tw_reuse = 2
net.ipv4.tcp_tx_skb_cache = 0
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_workaround_signed_windows = 0
net.ipv4.udp_child_hash_entries = 0
net.ipv4.udp_early_demux = 1
net.ipv4.udp_hash_entries = 4096
net.ipv4.udp_l3mdev_accept = 0
net.ipv4.udp_mem = 18
3756 245008 367512
net.ipv4.udp_mem = 18
5010 246682 370020
net.ipv4.udp_rmem_min = 4096
net.ipv4.udp_wmem_min = 4096
net.ipv4.xfrm4_gc_thresh = 32768
...
...
@@ -933,11 +638,10 @@ net.ipv6.conf.all.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.all.accept_ra_rtr_pref = 1
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_untracked_na = 0
net.ipv6.conf.all.addr_gen_mode = 0
net.ipv6.conf.all.autoconf = 1
net.ipv6.conf.all.dad_transmits = 1
net.ipv6.conf.all.disable_ipv6 =
1
net.ipv6.conf.all.disable_ipv6 =
0
net.ipv6.conf.all.disable_policy = 0
net.ipv6.conf.all.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.all.drop_unsolicited_na = 0
...
...
@@ -957,10 +661,8 @@ net.ipv6.conf.all.mc_forwarding = 0
net.ipv6.conf.all.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.all.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.all.mtu = 1280
net.ipv6.conf.all.ndisc_evict_nocarrier = 1
net.ipv6.conf.all.ndisc_notify = 0
net.ipv6.conf.all.ndisc_tclass = 0
net.ipv6.conf.all.optimistic_dad = 0
net.ipv6.conf.all.proxy_ndp = 0
net.ipv6.conf.all.ra_defrtr_metric = 1024
net.ipv6.conf.all.regen_max_retry = 3
...
...
@@ -976,8 +678,7 @@ net.ipv6.conf.all.suppress_frag_ndisc = 1
net.ipv6.conf.all.temp_prefered_lft = 86400
net.ipv6.conf.all.temp_valid_lft = 604800
net.ipv6.conf.all.use_oif_addrs_only = 0
net.ipv6.conf.all.use_optimistic = 0
net.ipv6.conf.all.use_tempaddr = 0
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.accept_dad = 1
net.ipv6.conf.default.accept_ra = 1
net.ipv6.conf.default.accept_ra_defrtr = 1
...
...
@@ -990,11 +691,10 @@ net.ipv6.conf.default.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.default.accept_ra_rtr_pref = 1
net.ipv6.conf.default.accept_redirects = 1
net.ipv6.conf.default.accept_source_route = 0
net.ipv6.conf.default.accept_untracked_na = 0
net.ipv6.conf.default.addr_gen_mode = 0
net.ipv6.conf.default.autoconf = 1
net.ipv6.conf.default.dad_transmits = 1
net.ipv6.conf.default.disable_ipv6 =
1
net.ipv6.conf.default.disable_ipv6 =
0
net.ipv6.conf.default.disable_policy = 0
net.ipv6.conf.default.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.default.drop_unsolicited_na = 0
...
...
@@ -1014,10 +714,8 @@ net.ipv6.conf.default.mc_forwarding = 0
net.ipv6.conf.default.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.default.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.default.mtu = 1280
net.ipv6.conf.default.ndisc_evict_nocarrier = 1
net.ipv6.conf.default.ndisc_notify = 0
net.ipv6.conf.default.ndisc_tclass = 0
net.ipv6.conf.default.optimistic_dad = 0
net.ipv6.conf.default.proxy_ndp = 0
net.ipv6.conf.default.ra_defrtr_metric = 1024
net.ipv6.conf.default.regen_max_retry = 3
...
...
@@ -1033,67 +731,115 @@ net.ipv6.conf.default.suppress_frag_ndisc = 1
net.ipv6.conf.default.temp_prefered_lft = 86400
net.ipv6.conf.default.temp_valid_lft = 604800
net.ipv6.conf.default.use_oif_addrs_only = 0
net.ipv6.conf.default.use_optimistic = 0
net.ipv6.conf.default.use_tempaddr = 0
net.ipv6.conf.enp0s31f6.accept_dad = 1
net.ipv6.conf.enp0s31f6.accept_ra = 0
net.ipv6.conf.enp0s31f6.accept_ra_defrtr = 1
net.ipv6.conf.enp0s31f6.accept_ra_from_local = 0
net.ipv6.conf.enp0s31f6.accept_ra_min_hop_limit = 1
net.ipv6.conf.enp0s31f6.accept_ra_mtu = 1
net.ipv6.conf.enp0s31f6.accept_ra_pinfo = 1
net.ipv6.conf.enp0s31f6.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.enp0s31f6.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.enp0s31f6.accept_ra_rtr_pref = 1
net.ipv6.conf.enp0s31f6.accept_redirects = 1
net.ipv6.conf.enp0s31f6.accept_source_route = 0
net.ipv6.conf.enp0s31f6.accept_untracked_na = 0
net.ipv6.conf.enp0s31f6.addr_gen_mode = 1
net.ipv6.conf.enp0s31f6.autoconf = 1
net.ipv6.conf.enp0s31f6.dad_transmits = 1
net.ipv6.conf.enp0s31f6.disable_ipv6 = 0
net.ipv6.conf.enp0s31f6.disable_policy = 0
net.ipv6.conf.enp0s31f6.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.enp0s31f6.drop_unsolicited_na = 0
net.ipv6.conf.enp0s31f6.enhanced_dad = 1
net.ipv6.conf.enp0s31f6.force_mld_version = 0
net.ipv6.conf.enp0s31f6.force_tllao = 0
net.ipv6.conf.enp0s31f6.forwarding = 0
net.ipv6.conf.enp0s31f6.hop_limit = 64
net.ipv6.conf.enp0s31f6.ignore_routes_with_linkdown = 0
net.ipv6.conf.enp0s31f6.ioam6_enabled = 0
net.ipv6.conf.enp0s31f6.ioam6_id = 65535
net.ipv6.conf.enp0s31f6.ioam6_id_wide = 4294967295
net.ipv6.conf.enp0s31f6.keep_addr_on_down = 0
net.ipv6.conf.enp0s31f6.max_addresses = 16
net.ipv6.conf.enp0s31f6.max_desync_factor = 600
net.ipv6.conf.enp0s31f6.mc_forwarding = 0
net.ipv6.conf.enp0s31f6.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.enp0s31f6.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.enp0s31f6.mtu = 1500
net.ipv6.conf.enp0s31f6.ndisc_evict_nocarrier = 1
net.ipv6.conf.enp0s31f6.ndisc_notify = 0
net.ipv6.conf.enp0s31f6.ndisc_tclass = 0
net.ipv6.conf.enp0s31f6.optimistic_dad = 0
net.ipv6.conf.enp0s31f6.proxy_ndp = 0
net.ipv6.conf.enp0s31f6.ra_defrtr_metric = 1024
net.ipv6.conf.enp0s31f6.regen_max_retry = 3
net.ipv6.conf.enp0s31f6.router_probe_interval = 60
net.ipv6.conf.enp0s31f6.router_solicitation_delay = 1
net.ipv6.conf.enp0s31f6.router_solicitation_interval = 4
net.ipv6.conf.enp0s31f6.router_solicitation_max_interval = 3600
net.ipv6.conf.enp0s31f6.router_solicitations = -1
net.ipv6.conf.enp0s31f6.rpl_seg_enabled = 0
net.ipv6.conf.enp0s31f6.seg6_enabled = 0
net.ipv6.conf.enp0s31f6.seg6_require_hmac = 0
net.ipv6.conf.enp0s31f6.suppress_frag_ndisc = 1
net.ipv6.conf.enp0s31f6.temp_prefered_lft = 86400
net.ipv6.conf.enp0s31f6.temp_valid_lft = 604800
net.ipv6.conf.enp0s31f6.use_oif_addrs_only = 0
net.ipv6.conf.enp0s31f6.use_optimistic = 0
net.ipv6.conf.enp0s31f6.use_tempaddr = 0
net.ipv6.conf.default.use_tempaddr = 2
net.ipv6.conf.docker0.accept_dad = 1
net.ipv6.conf.docker0.accept_ra = 0
net.ipv6.conf.docker0.accept_ra_defrtr = 1
net.ipv6.conf.docker0.accept_ra_from_local = 0
net.ipv6.conf.docker0.accept_ra_min_hop_limit = 1
net.ipv6.conf.docker0.accept_ra_mtu = 1
net.ipv6.conf.docker0.accept_ra_pinfo = 1
net.ipv6.conf.docker0.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.docker0.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.docker0.accept_ra_rtr_pref = 1
net.ipv6.conf.docker0.accept_redirects = 1
net.ipv6.conf.docker0.accept_source_route = 0
net.ipv6.conf.docker0.addr_gen_mode = 0
net.ipv6.conf.docker0.autoconf = 1
net.ipv6.conf.docker0.dad_transmits = 1
net.ipv6.conf.docker0.disable_ipv6 = 0
net.ipv6.conf.docker0.disable_policy = 0
net.ipv6.conf.docker0.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.docker0.drop_unsolicited_na = 0
net.ipv6.conf.docker0.enhanced_dad = 1
net.ipv6.conf.docker0.force_mld_version = 0
net.ipv6.conf.docker0.force_tllao = 0
net.ipv6.conf.docker0.forwarding = 0
net.ipv6.conf.docker0.hop_limit = 64
net.ipv6.conf.docker0.ignore_routes_with_linkdown = 0
net.ipv6.conf.docker0.ioam6_enabled = 0
net.ipv6.conf.docker0.ioam6_id = 65535
net.ipv6.conf.docker0.ioam6_id_wide = 4294967295
net.ipv6.conf.docker0.keep_addr_on_down = 0
net.ipv6.conf.docker0.max_addresses = 16
net.ipv6.conf.docker0.max_desync_factor = 600
net.ipv6.conf.docker0.mc_forwarding = 0
net.ipv6.conf.docker0.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.docker0.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.docker0.mtu = 1500
net.ipv6.conf.docker0.ndisc_notify = 0
net.ipv6.conf.docker0.ndisc_tclass = 0
net.ipv6.conf.docker0.proxy_ndp = 0
net.ipv6.conf.docker0.ra_defrtr_metric = 1024
net.ipv6.conf.docker0.regen_max_retry = 3
net.ipv6.conf.docker0.router_probe_interval = 60
net.ipv6.conf.docker0.router_solicitation_delay = 1
net.ipv6.conf.docker0.router_solicitation_interval = 4
net.ipv6.conf.docker0.router_solicitation_max_interval = 3600
net.ipv6.conf.docker0.router_solicitations = -1
net.ipv6.conf.docker0.rpl_seg_enabled = 0
net.ipv6.conf.docker0.seg6_enabled = 0
net.ipv6.conf.docker0.seg6_require_hmac = 0
net.ipv6.conf.docker0.suppress_frag_ndisc = 1
net.ipv6.conf.docker0.temp_prefered_lft = 86400
net.ipv6.conf.docker0.temp_valid_lft = 604800
net.ipv6.conf.docker0.use_oif_addrs_only = 0
net.ipv6.conf.docker0.use_tempaddr = 2
net.ipv6.conf.ens160.accept_dad = 1
net.ipv6.conf.ens160.accept_ra = 0
net.ipv6.conf.ens160.accept_ra_defrtr = 1
net.ipv6.conf.ens160.accept_ra_from_local = 0
net.ipv6.conf.ens160.accept_ra_min_hop_limit = 1
net.ipv6.conf.ens160.accept_ra_mtu = 1
net.ipv6.conf.ens160.accept_ra_pinfo = 1
net.ipv6.conf.ens160.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.ens160.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.ens160.accept_ra_rtr_pref = 1
net.ipv6.conf.ens160.accept_redirects = 1
net.ipv6.conf.ens160.accept_source_route = 0
net.ipv6.conf.ens160.addr_gen_mode = 0
net.ipv6.conf.ens160.autoconf = 1
net.ipv6.conf.ens160.dad_transmits = 1
net.ipv6.conf.ens160.disable_ipv6 = 0
net.ipv6.conf.ens160.disable_policy = 0
net.ipv6.conf.ens160.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.ens160.drop_unsolicited_na = 0
net.ipv6.conf.ens160.enhanced_dad = 1
net.ipv6.conf.ens160.force_mld_version = 0
net.ipv6.conf.ens160.force_tllao = 0
net.ipv6.conf.ens160.forwarding = 0
net.ipv6.conf.ens160.hop_limit = 64
net.ipv6.conf.ens160.ignore_routes_with_linkdown = 0
net.ipv6.conf.ens160.ioam6_enabled = 0
net.ipv6.conf.ens160.ioam6_id = 65535
net.ipv6.conf.ens160.ioam6_id_wide = 4294967295
net.ipv6.conf.ens160.keep_addr_on_down = 0
net.ipv6.conf.ens160.max_addresses = 16
net.ipv6.conf.ens160.max_desync_factor = 600
net.ipv6.conf.ens160.mc_forwarding = 0
net.ipv6.conf.ens160.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.ens160.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.ens160.mtu = 1500
net.ipv6.conf.ens160.ndisc_notify = 0
net.ipv6.conf.ens160.ndisc_tclass = 0
net.ipv6.conf.ens160.proxy_ndp = 0
net.ipv6.conf.ens160.ra_defrtr_metric = 1024
net.ipv6.conf.ens160.regen_max_retry = 3
net.ipv6.conf.ens160.router_probe_interval = 60
net.ipv6.conf.ens160.router_solicitation_delay = 1
net.ipv6.conf.ens160.router_solicitation_interval = 4
net.ipv6.conf.ens160.router_solicitation_max_interval = 3600
net.ipv6.conf.ens160.router_solicitations = -1
net.ipv6.conf.ens160.rpl_seg_enabled = 0
net.ipv6.conf.ens160.seg6_enabled = 0
net.ipv6.conf.ens160.seg6_require_hmac = 0
net.ipv6.conf.ens160.suppress_frag_ndisc = 1
net.ipv6.conf.ens160.temp_prefered_lft = 86400
net.ipv6.conf.ens160.temp_valid_lft = 604800
net.ipv6.conf.ens160.use_oif_addrs_only = 0
net.ipv6.conf.ens160.use_tempaddr = 0
net.ipv6.conf.lo.accept_dad = -1
net.ipv6.conf.lo.accept_ra =
0
net.ipv6.conf.lo.accept_ra =
1
net.ipv6.conf.lo.accept_ra_defrtr = 1
net.ipv6.conf.lo.accept_ra_from_local = 0
net.ipv6.conf.lo.accept_ra_min_hop_limit = 1
...
...
@@ -1104,8 +850,7 @@ net.ipv6.conf.lo.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.lo.accept_ra_rtr_pref = 1
net.ipv6.conf.lo.accept_redirects = 1
net.ipv6.conf.lo.accept_source_route = 0
net.ipv6.conf.lo.accept_untracked_na = 0
net.ipv6.conf.lo.addr_gen_mode = 1
net.ipv6.conf.lo.addr_gen_mode = 0
net.ipv6.conf.lo.autoconf = 1
net.ipv6.conf.lo.dad_transmits = 1
net.ipv6.conf.lo.disable_ipv6 = 0
...
...
@@ -1128,10 +873,8 @@ net.ipv6.conf.lo.mc_forwarding = 0
net.ipv6.conf.lo.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.lo.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.lo.mtu = 65536
net.ipv6.conf.lo.ndisc_evict_nocarrier = 1
net.ipv6.conf.lo.ndisc_notify = 0
net.ipv6.conf.lo.ndisc_tclass = 0
net.ipv6.conf.lo.optimistic_dad = 0
net.ipv6.conf.lo.proxy_ndp = 0
net.ipv6.conf.lo.ra_defrtr_metric = 1024
net.ipv6.conf.lo.regen_max_retry = 3
...
...
@@ -1147,179 +890,7 @@ net.ipv6.conf.lo.suppress_frag_ndisc = 1
net.ipv6.conf.lo.temp_prefered_lft = 86400
net.ipv6.conf.lo.temp_valid_lft = 604800
net.ipv6.conf.lo.use_oif_addrs_only = 0
net.ipv6.conf.lo.use_optimistic = 0
net.ipv6.conf.lo.use_tempaddr = 0
net.ipv6.conf.tun0.accept_dad = -1
net.ipv6.conf.tun0.accept_ra = 1
net.ipv6.conf.tun0.accept_ra_defrtr = 1
net.ipv6.conf.tun0.accept_ra_from_local = 0
net.ipv6.conf.tun0.accept_ra_min_hop_limit = 1
net.ipv6.conf.tun0.accept_ra_mtu = 1
net.ipv6.conf.tun0.accept_ra_pinfo = 1
net.ipv6.conf.tun0.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.tun0.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.tun0.accept_ra_rtr_pref = 1
net.ipv6.conf.tun0.accept_redirects = 1
net.ipv6.conf.tun0.accept_source_route = 0
net.ipv6.conf.tun0.accept_untracked_na = 0
net.ipv6.conf.tun0.addr_gen_mode = 0
net.ipv6.conf.tun0.autoconf = 1
net.ipv6.conf.tun0.dad_transmits = 1
net.ipv6.conf.tun0.disable_ipv6 = 1
net.ipv6.conf.tun0.disable_policy = 0
net.ipv6.conf.tun0.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.tun0.drop_unsolicited_na = 0
net.ipv6.conf.tun0.enhanced_dad = 1
net.ipv6.conf.tun0.force_mld_version = 0
net.ipv6.conf.tun0.force_tllao = 0
net.ipv6.conf.tun0.forwarding = 0
net.ipv6.conf.tun0.hop_limit = 64
net.ipv6.conf.tun0.ignore_routes_with_linkdown = 0
net.ipv6.conf.tun0.ioam6_enabled = 0
net.ipv6.conf.tun0.ioam6_id = 65535
net.ipv6.conf.tun0.ioam6_id_wide = 4294967295
net.ipv6.conf.tun0.keep_addr_on_down = 0
net.ipv6.conf.tun0.max_addresses = 16
net.ipv6.conf.tun0.max_desync_factor = 600
net.ipv6.conf.tun0.mc_forwarding = 0
net.ipv6.conf.tun0.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.tun0.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.tun0.mtu = 1500
net.ipv6.conf.tun0.ndisc_evict_nocarrier = 1
net.ipv6.conf.tun0.ndisc_notify = 0
net.ipv6.conf.tun0.ndisc_tclass = 0
net.ipv6.conf.tun0.optimistic_dad = 0
net.ipv6.conf.tun0.proxy_ndp = 0
net.ipv6.conf.tun0.ra_defrtr_metric = 1024
net.ipv6.conf.tun0.regen_max_retry = 3
net.ipv6.conf.tun0.router_probe_interval = 60
net.ipv6.conf.tun0.router_solicitation_delay = 1
net.ipv6.conf.tun0.router_solicitation_interval = 4
net.ipv6.conf.tun0.router_solicitation_max_interval = 3600
net.ipv6.conf.tun0.router_solicitations = -1
net.ipv6.conf.tun0.rpl_seg_enabled = 0
net.ipv6.conf.tun0.seg6_enabled = 0
net.ipv6.conf.tun0.seg6_require_hmac = 0
net.ipv6.conf.tun0.suppress_frag_ndisc = 1
net.ipv6.conf.tun0.temp_prefered_lft = 86400
net.ipv6.conf.tun0.temp_valid_lft = 604800
net.ipv6.conf.tun0.use_oif_addrs_only = 0
net.ipv6.conf.tun0.use_optimistic = 0
net.ipv6.conf.tun0.use_tempaddr = -1
net.ipv6.conf.virbr0.accept_dad = 1
net.ipv6.conf.virbr0.accept_ra = 0
net.ipv6.conf.virbr0.accept_ra_defrtr = 1
net.ipv6.conf.virbr0.accept_ra_from_local = 0
net.ipv6.conf.virbr0.accept_ra_min_hop_limit = 1
net.ipv6.conf.virbr0.accept_ra_mtu = 1
net.ipv6.conf.virbr0.accept_ra_pinfo = 1
net.ipv6.conf.virbr0.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.virbr0.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.virbr0.accept_ra_rtr_pref = 1
net.ipv6.conf.virbr0.accept_redirects = 1
net.ipv6.conf.virbr0.accept_source_route = 0
net.ipv6.conf.virbr0.accept_untracked_na = 0
net.ipv6.conf.virbr0.addr_gen_mode = 0
net.ipv6.conf.virbr0.autoconf = 0
net.ipv6.conf.virbr0.dad_transmits = 1
net.ipv6.conf.virbr0.disable_ipv6 = 1
net.ipv6.conf.virbr0.disable_policy = 0
net.ipv6.conf.virbr0.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.virbr0.drop_unsolicited_na = 0
net.ipv6.conf.virbr0.enhanced_dad = 1
net.ipv6.conf.virbr0.force_mld_version = 0
net.ipv6.conf.virbr0.force_tllao = 0
net.ipv6.conf.virbr0.forwarding = 0
net.ipv6.conf.virbr0.hop_limit = 64
net.ipv6.conf.virbr0.ignore_routes_with_linkdown = 0
net.ipv6.conf.virbr0.ioam6_enabled = 0
net.ipv6.conf.virbr0.ioam6_id = 65535
net.ipv6.conf.virbr0.ioam6_id_wide = 4294967295
net.ipv6.conf.virbr0.keep_addr_on_down = 0
net.ipv6.conf.virbr0.max_addresses = 16
net.ipv6.conf.virbr0.max_desync_factor = 600
net.ipv6.conf.virbr0.mc_forwarding = 0
net.ipv6.conf.virbr0.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.virbr0.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.virbr0.mtu = 1500
net.ipv6.conf.virbr0.ndisc_evict_nocarrier = 1
net.ipv6.conf.virbr0.ndisc_notify = 0
net.ipv6.conf.virbr0.ndisc_tclass = 0
net.ipv6.conf.virbr0.optimistic_dad = 0
net.ipv6.conf.virbr0.proxy_ndp = 0
net.ipv6.conf.virbr0.ra_defrtr_metric = 1024
net.ipv6.conf.virbr0.regen_max_retry = 3
net.ipv6.conf.virbr0.router_probe_interval = 60
net.ipv6.conf.virbr0.router_solicitation_delay = 1
net.ipv6.conf.virbr0.router_solicitation_interval = 4
net.ipv6.conf.virbr0.router_solicitation_max_interval = 3600
net.ipv6.conf.virbr0.router_solicitations = -1
net.ipv6.conf.virbr0.rpl_seg_enabled = 0
net.ipv6.conf.virbr0.seg6_enabled = 0
net.ipv6.conf.virbr0.seg6_require_hmac = 0
net.ipv6.conf.virbr0.suppress_frag_ndisc = 1
net.ipv6.conf.virbr0.temp_prefered_lft = 86400
net.ipv6.conf.virbr0.temp_valid_lft = 604800
net.ipv6.conf.virbr0.use_oif_addrs_only = 0
net.ipv6.conf.virbr0.use_optimistic = 0
net.ipv6.conf.virbr0.use_tempaddr = 0
net.ipv6.conf.wlp4s0.accept_dad = 1
net.ipv6.conf.wlp4s0.accept_ra = 0
net.ipv6.conf.wlp4s0.accept_ra_defrtr = 1
net.ipv6.conf.wlp4s0.accept_ra_from_local = 0
net.ipv6.conf.wlp4s0.accept_ra_min_hop_limit = 1
net.ipv6.conf.wlp4s0.accept_ra_mtu = 1
net.ipv6.conf.wlp4s0.accept_ra_pinfo = 1
net.ipv6.conf.wlp4s0.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.wlp4s0.accept_ra_rt_info_min_plen = 0
net.ipv6.conf.wlp4s0.accept_ra_rtr_pref = 1
net.ipv6.conf.wlp4s0.accept_redirects = 1
net.ipv6.conf.wlp4s0.accept_source_route = 0
net.ipv6.conf.wlp4s0.accept_untracked_na = 0
net.ipv6.conf.wlp4s0.addr_gen_mode = 1
net.ipv6.conf.wlp4s0.autoconf = 1
net.ipv6.conf.wlp4s0.dad_transmits = 1
net.ipv6.conf.wlp4s0.disable_ipv6 = 1
net.ipv6.conf.wlp4s0.disable_policy = 0
net.ipv6.conf.wlp4s0.drop_unicast_in_l2_multicast = 0
net.ipv6.conf.wlp4s0.drop_unsolicited_na = 0
net.ipv6.conf.wlp4s0.enhanced_dad = 1
net.ipv6.conf.wlp4s0.force_mld_version = 0
net.ipv6.conf.wlp4s0.force_tllao = 0
net.ipv6.conf.wlp4s0.forwarding = 0
net.ipv6.conf.wlp4s0.hop_limit = 64
net.ipv6.conf.wlp4s0.ignore_routes_with_linkdown = 0
net.ipv6.conf.wlp4s0.ioam6_enabled = 0
net.ipv6.conf.wlp4s0.ioam6_id = 65535
net.ipv6.conf.wlp4s0.ioam6_id_wide = 4294967295
net.ipv6.conf.wlp4s0.keep_addr_on_down = 0
net.ipv6.conf.wlp4s0.max_addresses = 16
net.ipv6.conf.wlp4s0.max_desync_factor = 600
net.ipv6.conf.wlp4s0.mc_forwarding = 0
net.ipv6.conf.wlp4s0.mldv1_unsolicited_report_interval = 10000
net.ipv6.conf.wlp4s0.mldv2_unsolicited_report_interval = 1000
net.ipv6.conf.wlp4s0.mtu = 1500
net.ipv6.conf.wlp4s0.ndisc_evict_nocarrier = 1
net.ipv6.conf.wlp4s0.ndisc_notify = 0
net.ipv6.conf.wlp4s0.ndisc_tclass = 0
net.ipv6.conf.wlp4s0.optimistic_dad = 0
net.ipv6.conf.wlp4s0.proxy_ndp = 0
net.ipv6.conf.wlp4s0.ra_defrtr_metric = 1024
net.ipv6.conf.wlp4s0.regen_max_retry = 3
net.ipv6.conf.wlp4s0.router_probe_interval = 60
net.ipv6.conf.wlp4s0.router_solicitation_delay = 1
net.ipv6.conf.wlp4s0.router_solicitation_interval = 4
net.ipv6.conf.wlp4s0.router_solicitation_max_interval = 3600
net.ipv6.conf.wlp4s0.router_solicitations = -1
net.ipv6.conf.wlp4s0.rpl_seg_enabled = 0
net.ipv6.conf.wlp4s0.seg6_enabled = 0
net.ipv6.conf.wlp4s0.seg6_require_hmac = 0
net.ipv6.conf.wlp4s0.suppress_frag_ndisc = 1
net.ipv6.conf.wlp4s0.temp_prefered_lft = 86400
net.ipv6.conf.wlp4s0.temp_valid_lft = 604800
net.ipv6.conf.wlp4s0.use_oif_addrs_only = 0
net.ipv6.conf.wlp4s0.use_optimistic = 0
net.ipv6.conf.wlp4s0.use_tempaddr = 0
net.ipv6.conf.lo.use_tempaddr = -1
net.ipv6.fib_multipath_hash_fields = 7
net.ipv6.fib_multipath_hash_policy = 0
net.ipv6.fib_notify_on_flag_change = 0
...
...
@@ -1330,7 +901,6 @@ net.ipv6.fwmark_reflect = 0
net.ipv6.icmp.echo_ignore_all = 0
net.ipv6.icmp.echo_ignore_anycast = 0
net.ipv6.icmp.echo_ignore_multicast = 0
net.ipv6.icmp.error_anycast_as_unicast = 0
net.ipv6.icmp.ratelimit = 1000
net.ipv6.icmp.ratemask = 0-1,3-127
net.ipv6.idgen_delay = 1
...
...
@@ -1357,7 +927,6 @@ net.ipv6.neigh.default.gc_stale_time = 60
net.ipv6.neigh.default.gc_thresh1 = 128
net.ipv6.neigh.default.gc_thresh2 = 512
net.ipv6.neigh.default.gc_thresh3 = 1024
net.ipv6.neigh.default.interval_probe_time_ms = 5000
net.ipv6.neigh.default.locktime = 0
net.ipv6.neigh.default.mcast_resolicit = 0
net.ipv6.neigh.default.mcast_solicit = 3
...
...
@@ -1367,27 +936,39 @@ net.ipv6.neigh.default.retrans_time_ms = 1000
net.ipv6.neigh.default.ucast_solicit = 3
net.ipv6.neigh.default.unres_qlen = 101
net.ipv6.neigh.default.unres_qlen_bytes = 212992
net.ipv6.neigh.enp0s31f6.anycast_delay = 100
net.ipv6.neigh.enp0s31f6.app_solicit = 0
net.ipv6.neigh.enp0s31f6.base_reachable_time_ms = 30000
net.ipv6.neigh.enp0s31f6.delay_first_probe_time = 5
net.ipv6.neigh.enp0s31f6.gc_stale_time = 60
net.ipv6.neigh.enp0s31f6.interval_probe_time_ms = 5000
net.ipv6.neigh.enp0s31f6.locktime = 0
net.ipv6.neigh.enp0s31f6.mcast_resolicit = 0
net.ipv6.neigh.enp0s31f6.mcast_solicit = 3
net.ipv6.neigh.enp0s31f6.proxy_delay = 80
net.ipv6.neigh.enp0s31f6.proxy_qlen = 64
net.ipv6.neigh.enp0s31f6.retrans_time_ms = 1000
net.ipv6.neigh.enp0s31f6.ucast_solicit = 3
net.ipv6.neigh.enp0s31f6.unres_qlen = 101
net.ipv6.neigh.enp0s31f6.unres_qlen_bytes = 212992
net.ipv6.neigh.docker0.anycast_delay = 100
net.ipv6.neigh.docker0.app_solicit = 0
net.ipv6.neigh.docker0.base_reachable_time_ms = 30000
net.ipv6.neigh.docker0.delay_first_probe_time = 5
net.ipv6.neigh.docker0.gc_stale_time = 60
net.ipv6.neigh.docker0.locktime = 0
net.ipv6.neigh.docker0.mcast_resolicit = 0
net.ipv6.neigh.docker0.mcast_solicit = 3
net.ipv6.neigh.docker0.proxy_delay = 80
net.ipv6.neigh.docker0.proxy_qlen = 64
net.ipv6.neigh.docker0.retrans_time_ms = 1000
net.ipv6.neigh.docker0.ucast_solicit = 3
net.ipv6.neigh.docker0.unres_qlen = 101
net.ipv6.neigh.docker0.unres_qlen_bytes = 212992
net.ipv6.neigh.ens160.anycast_delay = 100
net.ipv6.neigh.ens160.app_solicit = 0
net.ipv6.neigh.ens160.base_reachable_time_ms = 30000
net.ipv6.neigh.ens160.delay_first_probe_time = 5
net.ipv6.neigh.ens160.gc_stale_time = 60
net.ipv6.neigh.ens160.locktime = 0
net.ipv6.neigh.ens160.mcast_resolicit = 0
net.ipv6.neigh.ens160.mcast_solicit = 3
net.ipv6.neigh.ens160.proxy_delay = 80
net.ipv6.neigh.ens160.proxy_qlen = 64
net.ipv6.neigh.ens160.retrans_time_ms = 1000
net.ipv6.neigh.ens160.ucast_solicit = 3
net.ipv6.neigh.ens160.unres_qlen = 101
net.ipv6.neigh.ens160.unres_qlen_bytes = 212992
net.ipv6.neigh.lo.anycast_delay = 100
net.ipv6.neigh.lo.app_solicit = 0
net.ipv6.neigh.lo.base_reachable_time_ms = 30000
net.ipv6.neigh.lo.delay_first_probe_time = 5
net.ipv6.neigh.lo.gc_stale_time = 60
net.ipv6.neigh.lo.interval_probe_time_ms = 5000
net.ipv6.neigh.lo.locktime = 0
net.ipv6.neigh.lo.mcast_resolicit = 0
net.ipv6.neigh.lo.mcast_solicit = 3
...
...
@@ -1397,73 +978,28 @@ net.ipv6.neigh.lo.retrans_time_ms = 1000
net.ipv6.neigh.lo.ucast_solicit = 3
net.ipv6.neigh.lo.unres_qlen = 101
net.ipv6.neigh.lo.unres_qlen_bytes = 212992
net.ipv6.neigh.tun0.anycast_delay = 100
net.ipv6.neigh.tun0.app_solicit = 0
net.ipv6.neigh.tun0.base_reachable_time_ms = 30000
net.ipv6.neigh.tun0.delay_first_probe_time = 5
net.ipv6.neigh.tun0.gc_stale_time = 60
net.ipv6.neigh.tun0.interval_probe_time_ms = 5000
net.ipv6.neigh.tun0.locktime = 0
net.ipv6.neigh.tun0.mcast_resolicit = 0
net.ipv6.neigh.tun0.mcast_solicit = 3
net.ipv6.neigh.tun0.proxy_delay = 80
net.ipv6.neigh.tun0.proxy_qlen = 64
net.ipv6.neigh.tun0.retrans_time_ms = 1000
net.ipv6.neigh.tun0.ucast_solicit = 3
net.ipv6.neigh.tun0.unres_qlen = 101
net.ipv6.neigh.tun0.unres_qlen_bytes = 212992
net.ipv6.neigh.virbr0.anycast_delay = 100
net.ipv6.neigh.virbr0.app_solicit = 0
net.ipv6.neigh.virbr0.base_reachable_time_ms = 30000
net.ipv6.neigh.virbr0.delay_first_probe_time = 5
net.ipv6.neigh.virbr0.gc_stale_time = 60
net.ipv6.neigh.virbr0.interval_probe_time_ms = 5000
net.ipv6.neigh.virbr0.locktime = 0
net.ipv6.neigh.virbr0.mcast_resolicit = 0
net.ipv6.neigh.virbr0.mcast_solicit = 3
net.ipv6.neigh.virbr0.proxy_delay = 80
net.ipv6.neigh.virbr0.proxy_qlen = 64
net.ipv6.neigh.virbr0.retrans_time_ms = 1000
net.ipv6.neigh.virbr0.ucast_solicit = 3
net.ipv6.neigh.virbr0.unres_qlen = 101
net.ipv6.neigh.virbr0.unres_qlen_bytes = 212992
net.ipv6.neigh.wlp4s0.anycast_delay = 100
net.ipv6.neigh.wlp4s0.app_solicit = 0
net.ipv6.neigh.wlp4s0.base_reachable_time_ms = 30000
net.ipv6.neigh.wlp4s0.delay_first_probe_time = 5
net.ipv6.neigh.wlp4s0.gc_stale_time = 60
net.ipv6.neigh.wlp4s0.interval_probe_time_ms = 5000
net.ipv6.neigh.wlp4s0.locktime = 0
net.ipv6.neigh.wlp4s0.mcast_resolicit = 0
net.ipv6.neigh.wlp4s0.mcast_solicit = 3
net.ipv6.neigh.wlp4s0.proxy_delay = 80
net.ipv6.neigh.wlp4s0.proxy_qlen = 64
net.ipv6.neigh.wlp4s0.retrans_time_ms = 1000
net.ipv6.neigh.wlp4s0.ucast_solicit = 3
net.ipv6.neigh.wlp4s0.unres_qlen = 101
net.ipv6.neigh.wlp4s0.unres_qlen_bytes = 212992
net.ipv6.route.gc_elasticity = 9
net.ipv6.route.gc_interval = 30
net.ipv6.route.gc_min_interval = 0
net.ipv6.route.gc_min_interval_ms = 500
net.ipv6.route.gc_thresh = 1024
net.ipv6.route.gc_timeout = 60
net.ipv6.route.max_size =
2147483647
net.ipv6.route.max_size =
4096
net.ipv6.route.min_adv_mss = 1220
net.ipv6.route.mtu_expires = 600
net.ipv6.route.skip_notify_on_dev_down = 0
net.ipv6.seg6_flowlabel = 0
net.ipv6.xfrm6_gc_thresh = 32768
net.iw_cm.default_backlog = 256
net.mptcp.add_addr_timeout = 120
net.mptcp.allow_join_initial_addr_port = 1
net.mptcp.checksum_enabled = 0
net.mptcp.enabled = 1
net.mptcp.pm_type = 0
net.mptcp.stale_loss_cnt = 4
net.netfilter.nf_conntrack_acct = 0
net.netfilter.nf_conntrack_buckets = 262144
net.netfilter.nf_conntrack_checksum = 1
net.netfilter.nf_conntrack_count =
21
net.netfilter.nf_conntrack_count =
105
net.netfilter.nf_conntrack_dccp_loose = 1
net.netfilter.nf_conntrack_dccp_timeout_closereq = 64
net.netfilter.nf_conntrack_dccp_timeout_closing = 64
...
...
@@ -1472,7 +1008,7 @@ net.netfilter.nf_conntrack_dccp_timeout_partopen = 480
net.netfilter.nf_conntrack_dccp_timeout_request = 240
net.netfilter.nf_conntrack_dccp_timeout_respond = 480
net.netfilter.nf_conntrack_dccp_timeout_timewait = 240
net.netfilter.nf_conntrack_events =
2
net.netfilter.nf_conntrack_events =
1
net.netfilter.nf_conntrack_expect_max = 4096
net.netfilter.nf_conntrack_frag6_high_thresh = 4194304
net.netfilter.nf_conntrack_frag6_low_thresh = 3145728
...
...
@@ -1480,6 +1016,7 @@ net.netfilter.nf_conntrack_frag6_timeout = 60
net.netfilter.nf_conntrack_generic_timeout = 600
net.netfilter.nf_conntrack_gre_timeout = 30
net.netfilter.nf_conntrack_gre_timeout_stream = 180
net.netfilter.nf_conntrack_helper = 0
net.netfilter.nf_conntrack_icmp_timeout = 30
net.netfilter.nf_conntrack_icmpv6_timeout = 30
net.netfilter.nf_conntrack_log_invalid = 0
...
...
@@ -1487,7 +1024,8 @@ net.netfilter.nf_conntrack_max = 262144
net.netfilter.nf_conntrack_sctp_timeout_closed = 10
net.netfilter.nf_conntrack_sctp_timeout_cookie_echoed = 3
net.netfilter.nf_conntrack_sctp_timeout_cookie_wait = 3
net.netfilter.nf_conntrack_sctp_timeout_established = 210
net.netfilter.nf_conntrack_sctp_timeout_established = 432000
net.netfilter.nf_conntrack_sctp_timeout_heartbeat_acked = 210
net.netfilter.nf_conntrack_sctp_timeout_heartbeat_sent = 30
net.netfilter.nf_conntrack_sctp_timeout_shutdown_ack_sent = 3
net.netfilter.nf_conntrack_sctp_timeout_shutdown_recd = 0
...
...
@@ -1515,6 +1053,8 @@ net.netfilter.nf_hooks_lwtunnel = 0
net.netfilter.nf_log.0 = NONE
net.netfilter.nf_log.1 = NONE
net.netfilter.nf_log.10 = NONE
net.netfilter.nf_log.11 = NONE
net.netfilter.nf_log.12 = NONE
net.netfilter.nf_log.2 = NONE
net.netfilter.nf_log.3 = NONE
net.netfilter.nf_log.4 = NONE
...
...
@@ -1526,48 +1066,34 @@ net.netfilter.nf_log.9 = NONE
net.netfilter.nf_log_all_netns = 0
net.nf_conntrack_max = 262144
net.unix.max_dgram_qlen = 512
sunrpc.max_resvport = 1023
sunrpc.min_resvport = 665
sunrpc.nfs_debug = 0x0000
sunrpc.nfsd_debug = 0x0000
sunrpc.nlm_debug = 0x0000
sunrpc.rpc_debug = 0x0000
sunrpc.tcp_fin_timeout = 15
sunrpc.tcp_max_slot_table_entries = 65536
sunrpc.tcp_slot_table_entries = 2
sunrpc.transports = tcp 1048576
sunrpc.transports = udp 32768
sunrpc.udp_slot_table_entries = 16
user.max_cgroup_namespaces = 31021
user.max_cgroup_namespaces = 31231
user.max_fanotify_groups = 128
user.max_fanotify_marks = 64
337
user.max_fanotify_marks = 64
771
user.max_inotify_instances = 128
user.max_inotify_watches = 60
507
user.max_ipc_namespaces = 31
02
1
user.max_mnt_namespaces = 31
02
1
user.max_net_namespaces = 31
02
1
user.max_pid_namespaces = 31
02
1
user.max_time_namespaces = 31
02
1
user.max_user_namespaces = 31
02
1
user.max_uts_namespaces = 31
02
1
user.max_inotify_watches = 60
915
user.max_ipc_namespaces = 31
23
1
user.max_mnt_namespaces = 31
23
1
user.max_net_namespaces = 31
23
1
user.max_pid_namespaces = 31
23
1
user.max_time_namespaces = 31
23
1
user.max_user_namespaces = 31
23
1
user.max_uts_namespaces = 31
23
1
vm.admin_reserve_kbytes = 8192
vm.compact_unevictable_allowed = 1
vm.compaction_proactiveness = 20
vm.dirty_background_bytes = 0
vm.dirty_background_ratio = 10
vm.dirty_bytes = 0
vm.dirty_expire_centisecs =
6
000
vm.dirty_expire_centisecs =
3
000
vm.dirty_ratio = 20
vm.dirty_writeback_centisecs =
60
00
vm.dirty_writeback_centisecs =
5
00
vm.dirtytime_expire_seconds = 43200
vm.extfrag_threshold = 500
vm.hugetlb_optimize_vmemmap = 0
vm.hugetlb_shm_group = 0
vm.laptop_mode =
2
vm.laptop_mode =
0
vm.legacy_va_layout = 0
vm.lowmem_reserve_ratio = 256 256 32 0 0
vm.max_map_count = 65530
vm.memfd_noexec = 0
vm.memory_failure_early_kill = 0
vm.memory_failure_recovery = 1
vm.min_free_kbytes = 67584
...
...
@@ -1592,7 +1118,7 @@ vm.panic_on_oom = 0
vm.percpu_pagelist_high_fraction = 0
vm.stat_interval = 1
vm.swappiness = 60
vm.unprivileged_userfaultfd =
1
vm.unprivileged_userfaultfd =
0
vm.user_reserve_kbytes = 131072
vm.vfs_cache_pressure = 100
vm.watermark_boost_factor = 15000
...
...
kernel_hardening_checker/config_files/distros/ubuntu-
focal
.config
→
kernel_hardening_checker/config_files/distros/ubuntu-
22.04
.config
View file @
b80b8c91
This source diff could not be displayed because it is too large. You can
view the blob
instead.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
