core/conf/sysctl.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

#
# /etc/sysctl.conf: configuration for system variables, see sysctl.conf(5)
#

kernel.printk = 1 4 1 7

# Disable ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

# Tuen IPv6
# net.ipv6.conf.default.router_solicitations = 0
# net.ipv6.conf.default.accept_ra_rtr_pref = 0
# net.ipv6.conf.default.accept_ra_pinfo = 0
# net.ipv6.conf.default.accept_ra_defrtr = 0
# net.ipv6.conf.default.autoconf = 0
# net.ipv6.conf.default.dad_transmits = 0
# net.ipv6.conf.default.max_addresses = 0

# Avoid a smurf attack
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Turn on protection for bad icmp error messages
net.ipv4.icmp_ignore_bogus_error_responses = 1

# Turn on syncookies for SYN flood attack protection
net.ipv4.tcp_syncookies = 1

## protect against tcp time-wait assassination hazards
## drop RST packets for sockets in the time-wait state
## (not widely supported outside of linux, but conforms to RFC)
net.ipv4.tcp_rfc1337 = 1

## tcp timestamps
## + protect against wrapping sequence numbers (at gigabit speeds)
## + round trip time calculation implemented in TCP
## - causes extra overhead and allows uptime detection by scanners like nmap
## enable @ gigabit speeds
net.ipv4.tcp_timestamps = 0
#net.ipv4.tcp_timestamps = 1

# Turn on and log spoofed, source routed, and redirect packets
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.log_martians = 1

## ignore echo broadcast requests to prevent being part of smurf attacks (default)
net.ipv4.icmp_echo_ignore_broadcasts = 1

# No source routed packets here
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0

## sets the kernels reverse path filtering mechanism to value 1(on)
## will do source validation of the packet's recieved from all the interfaces on the machine
## protects from attackers that are using ip spoofing methods to do harm
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv6.conf.default.rp_filter = 1
net.ipv6.conf.all.rp_filter = 1

# Make sure no one can alter the routing tables
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0

# Act as a router, necessary for Access Point
net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 1
net.ipv4.conf.default.send_redirects = 1

kernel.shmmax = 500000000
# Turn on execshild
kernel.exec-shield = 1
kernel.randomize_va_space = 1

# Optimization for port usefor LBs
# Increase system file descriptor limit
fs.file-max = 65535

# Allow for more PIDs (to reduce rollover problems); may break some programs 32768
kernel.pid_max = 65536

# Increase system IP port limits
net.ipv4.ip_local_port_range = 2000 65000

# Increase TCP max buffer size setable using setsockopt()
net.ipv4.tcp_rmem = 4096 87380 8388608
net.ipv4.tcp_wmem = 4096 87380 8388608

# Increase Linux auto tuning TCP buffer limits
# min, default, and max number of bytes to use
# set max to at least 4MB, or higher if you use very high BDP paths
# Tcp Windows etc
net.core.rmem_max = 8388608
net.core.wmem_max = 8388608
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_window_scaling = 1

# End of file
# Copyright (C) 2009, 2010  Roman Zimbelmann <romanz@lavabit.com>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""
1. Basic movement and browsing

1.1. Move around
1.2. Browser control
1.3. Searching
1.4. Cycling
1.5. Bookmarks
1.6. Mouse usage


==============================================================================
1.1. Ranger has similar movement keys as vim:

Note: A ^ stands for the Ctrl key.

	k	move up
	j	move down
	h	move left (in browser: move one directory up)
	l	move right (in browser: enter this directory, or run this file)

	^U	move half the screen up
	^D	move half the screen down
	H	in browser: move back in history
	L	in browser: move forward in history

	gg	move to the top
	G	move to the bottom
	%	move to the middle

By prefixing a number, you can give more precise commands, eg:

	2^D	move 2 pages down
	5gg	move to the 5th line
	3h	move 3 characters to the left, or move 3 directories up
	30%	move to 30% of the screen

Using arrow keys is equivalent of using h/j/k/l in most cases.
An exception to this is the console, where you can move around with
arrow keys and pressing letters will insert the letter into the console.

Special keys like Home, Page Up,.. work as expected.

These keys work like in vim:

	^D      move half the screen up
	^U      move half the screen down
	^B      move up by one screen
	^F      move down by one screen


==============================================================================
1.2. Browser control

	?	view the help screen
	R	reload the current directory
	^R	clear the cache and reload the view
	^L	redraw the window
	:	open the console |3?|
	b	toggle options

	i	inspect the content of the file
	E	edit the file
	s	open a shell, starting in the current directory

Marking files allows you to use operations on multiple files at once.
If there are any marked files in this directory, "yy" will copy them instead
of the file you're pointing at.

	<Space> mark a file
	v	toggle all marks
	V	remove all marks

By "tagging" files, you can highlight them and mark them to be
special in whatever context you want.

	t	tag/untag the selection
	T	untag the selection


==============================================================================
1.3. Searching

Use "/" to open the search console. |3?|
Enter a string and press <Enter> to search for it in all currently
visible files. Pressing "n" will move you to the next occurance,
"N" to the previous one.

You can search for more than just strings:
	TAB	search tagged files
	cc	cycle through all files by their ctime (last modification)
	cm	cycle by mime type, connecting similar files
	cs	cycle by size, large items first


==============================================================================
1.4. Sorting

To sort files, type "o" suffixed with a key that stands for a certain
sorting mode. By typing any of those keys in upper case, the order will
be reversed.

	os	sort by size
	ob, on	sort by basename
	om	sort by mtime (last modification)
	ot	sort by mime type
	or	reverse order


==============================================================================
1.5. Bookmarks

Type "m<key>" to bookmark the current directory. You can re-enter this
directory by typing "`<key>". <key> can be any letter or digit.
Each time you jump to a bookmark, the special bookmark at key ` will be set
to the last directory. So typing "``" gets you back to where you were before.

Note: The ' key is equivalent to `.


==============================================================================
1.6. Mouse usage

The mouse can be used to quickly enter directories which you point at,
or to scroll around with the mouse wheel. The implementation of the mouse
wheel is not stable due to problems with the ncurses library, but "it works
on my machine".

Clicking into the preview window will usually run the file. |2?|


==============================================================================
"""
# vim:tw=78:sw=4:sts=8:ts=8:ft=help