Mettre à jour 'etc/sysctl.conf'
This commit is contained in:
parent
6f50967a7d
commit
04fec70ecb
|
@ -13,19 +13,37 @@
|
|||
### GENERAL SYSTEM SECURITY OPTIONS ###
|
||||
###
|
||||
|
||||
# Controls the System Request debugging functionality of the kernel
|
||||
kernel.sysrq = 0
|
||||
|
||||
#Allow for more PIDs
|
||||
kernel.pid_max = 65535
|
||||
|
||||
# Controls the maximum size of a message, in bytes
|
||||
kernel.msgmnb = 65535
|
||||
|
||||
# Controls the default maxmimum size of a mesage queue
|
||||
kernel.msgmax = 65535
|
||||
|
||||
# Restrict core dumps
|
||||
fs.suid_dumpable = 0
|
||||
|
||||
# Hide exposed kernel pointers
|
||||
kernel.kptr_restrict = 1
|
||||
|
||||
### IMPROVE SYSTEM MEMORY MANAGEMENT ###
|
||||
|
||||
# Increase size of file handles and inode cache
|
||||
fs.file-max = 2097152
|
||||
|
||||
# Increase size of file handles and inode cache
|
||||
fs.file-max = 209708
|
||||
# Do less swapping
|
||||
vm.swappiness = 10
|
||||
vm.dirty_ratio = 60
|
||||
vm.dirty_ratio = 30
|
||||
vm.dirty_background_ratio = 2
|
||||
|
||||
# Redis configuration
|
||||
vm.overcommit_memory = 1
|
||||
|
||||
#Prevent SYN attack, enable SYNcookies (they will kick-in when the max_syn_backlog reached)
|
||||
|
@ -102,8 +120,9 @@ net.ipv6.conf.all.autoconf=0
|
|||
net.ipv6.conf.all.accept_ra=0
|
||||
net.ipv6.conf.default.autoconf=0
|
||||
net.ipv6.conf.default.accept_ra=0
|
||||
net.ipv6.conf.eth0.autoconf=0
|
||||
net.ipv6.conf.eth0.accept_ra=0
|
||||
net.ipv6.conf.ens18.accept_ra = 0
|
||||
net.ipv6.conf.ens160.autoconf = 0
|
||||
net.ipv6.conf.ens160.accept_ra = 0
|
||||
|
||||
|
||||
###
|
||||
|
|
Loading…
Reference in New Issue