Last active
August 29, 2015 14:21
-
-
Save Niemi/0a475a8edf5efb29749e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# https://gist.github.com/gretel/f458cfcfc63850c3d3f5 | |
# | |
# $OpenBSD: sysctl.conf,v 1.58 2014/07/11 16:43:07 henning Exp $ | |
# | |
# This file contains a list of sysctl options the user wants set at | |
# boot time. See sysctl(3) and sysctl(8) for more information on | |
# the many available variables. | |
# | |
net.inet.ip.forwarding=1 # 1=Permit forwarding (routing) of IPv4 packets | |
#net.inet.ip.mforwarding=1 # 1=Permit forwarding (routing) of IPv4 multicast packets | |
#net.inet.ip.multipath=1 # 1=Enable IP multipath routing | |
#net.inet.icmp.rediraccept=1 # 1=Accept ICMP redirects | |
#net.inet6.icmp6.rediraccept=0 # 1=Accept IPv6 ICMP redirects (for hosts) | |
net.inet6.ip6.forwarding=1 # 1=Permit forwarding (routing) of IPv6 packets | |
net.inet6.ip6.mforwarding=1 # 1=Permit forwarding (routing) of IPv6 multicast packets | |
net.inet6.ip6.multipath=1 # 1=Enable IPv6 multipath routing | |
#net.inet.tcp.always_keepalive=1 # 1=Keepalives for all connections (e.g. hotel/airport NAT) | |
#net.inet.tcp.keepidle=100 # 100=send TCP keepalives every 50 seconds | |
#net.inet.esp.enable=1 # 0=Disable the ESP IPsec protocol | |
#net.inet.ah.enable=1 # 0=Disable the AH IPsec protocol | |
#net.inet.esp.udpencap=0 # 0=Disable ESP-in-UDP encapsulation | |
#net.inet.ipcomp.enable=1 # 1=Enable the IPCOMP protocol | |
#net.inet.etherip.allow=1 # 1=Enable the Ethernet-over-IP protocol | |
net.inet.tcp.ecn=1 # 1=Enable the TCP ECN extension | |
#net.inet.carp.preempt=1 # 1=Enable carp(4) preemption | |
#net.inet.carp.log=3 # log level of carp(4) info, default 2 | |
#net.pipex.enable=1 # 1=Enable pipex(4) for npppd(8) | |
ddb.panic=0 # 0=Do not drop into ddb on a kernel panic | |
#db.console=0 # 1=Permit entry of ddb from the console | |
#fs.posix.setuid=0 # 0=Traditional BSD chown() semantics | |
#vm.swapencrypt.enable=0 # 0=Do not encrypt pages that go to swap | |
#vfs.nfs.iothreads=4 # Number of nfsio kernel threads | |
net.inet.ip.mtudisc=0 # 0=Disable tcp mtu discovery | |
#kern.usercrypto=1 # 1=Enable userland use of /dev/crypto | |
#kern.userasymcrypto=1 # 1=Permit userland to do asymmetric crypto | |
kern.splassert=2 # 2=Enable with verbose error messages | |
kern.nosuidcoredump=3 # 3=Put suid coredumps in /var/crash/progname | |
kern.watchdog.period=32 # >0=Enable hardware watchdog(4) timer if available | |
kern.watchdog.auto=0 # 0=Disable automatic watchdog(4) retriggering | |
#hw.allowpowerdown=0 # 0=Disable power button shutdown | |
#machdep.allowaperture=2 # See xf86(4) | |
#machdep.kbdreset=1 # permit console CTRL-ALT-DEL to do a nice halt | |
#machdep.lidsuspend=1 # laptop lid closes cause a suspend | |
kern.pool_debug=0 | |
kern.maxfiles=21090 | |
kern.maxclusters=61440 | |
kern.somaxconn=512 | |
kern.bufcachepercent=25 | |
net.bpf.bufsize=65535 | |
net.inet.ip.maxqueue=1024 | |
net.inet.ip.ifq.maxlen=512 | |
net.inet.ip.redirect=0 | |
net.inet.ip.mtudisctimeout=90 | |
net.inet6.ip6.use_deprecated=0 | |
net.inet.udp.recvspace=124800 | |
net.inet.udp.sendspace=55296 | |
net.inet.divert.recvspace=131072 | |
net.inet.divert.sendspace=131072 | |
net.inet6.divert.recvspace=131072 | |
net.inet6.divert.sendspace=131072 | |
net.inet.icmp.errppslimit=300 | |
net.inet6.icmp6.errppslimit=300 | |
net.inet.tcp.rstppslimit=300 | |
net.inet.tcp.mssdflt=1452 | |
net.inet.tcp.reasslimit=9216 | |
net.inet.tcp.synbucketlimit=210 | |
net.inet.tcp.keepinittime=300 | |
net.inet.tcp.keepidle=600 | |
net.inet.tcp.keepintvl=60 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment