System
System
sysctl
Bereinigt um Redundanzen (insbesondere die, deren Default-Verhalten durch net.ipv4.ip_forward=1 und net.ipv6.conf.all.forwarding=1 geändert wird).
# Reboot 1 second after kernel panic, oops or BUG (usually in batman-adv.ko)
kernel.panic = 1
kernel.panic_on_oops = 1
# throw kernel panic on softlockup
kernel.softlockup_panic=1
## Networking
# See https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
# Don't pass bridged traffic to iptables/arptables
net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-ip6tables = 0
## IPv4 tuning
# Reset all configuration parameters to RFC1812
net.ipv4.ip_forward=1
# Accept ICMP redirect messages; default = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.all.accept_redirects = 1
# Use larger ARP cache
net.ipv4.neigh.default.gc_thresh1 = 2048
net.ipv4.neigh.default.gc_thresh2 = 4096
net.ipv4.neigh.default.gc_thresh3 = 8192
# Maximum number of routes allowed in the kernel
net.ipv4.route.max_size=8388608
## IPv6 tuning
# Configure router behaviour
net.ipv6.conf.all.forwarding=1
# Accept Redirects; default = 0
net.ipv6.conf.default.accept_redirects = 1
net.ipv6.conf.all.accept_redirects = 1
# Accept Duplicate Address Detection; default = 1
net.ipv6.conf.default.accept_dad = 0
net.ipv6.conf.all.accept_dad = 0
# Use larger neighbor table
net.ipv6.neigh.default.gc_thresh1 = 2048
net.ipv6.neigh.default.gc_thresh2 = 4096
net.ipv6.neigh.default.gc_thresh3 = 8192
# Maximum number of routes allowed in the kernel
net.ipv6.route.max_size=8388608- Hauptsächlich einige wichtige
systctl-Einstellungen
Paketquellen
deb http://ftp.informatik.rwth-aachen.de/ftp/pub/Linux/debian/ wheezy main non-free contrib
deb-src http://ftp.informatik.rwth-aachen.de/ftp/pub/Linux/debian/ wheezy main non-free contrib
deb http://security.debian.org/ wheezy/updates main contrib non-free
deb-src http://security.debian.org/ wheezy/updates main contrib non-free
# wheezy-updates, previously known as 'volatile'
deb http://ftp.informatik.rwth-aachen.de/ftp/pub/Linux/debian/ wheezy-updates main contrib non-free
deb-src http://ftp.informatik.rwth-aachen.de/ftp/pub/Linux/debian/ wheezy-updates main contrib non-free
deb http://repo.universe-factory.net/debian/ sid main
deb http://http.debian.net/debian wheezy-backports main
#deb http://bird.network.cz/debian/ wheezy main- Das
bird-Repository ist überflüssig, die Pakete werden nicht genutzt.
Installierte Paket-Versionen
| Paket | Version | Verfügbar | Quelle |
|---|---|---|---|
| fastd | 17-2 | 17-4 | universe-factory.net |
| batman-adv | 2014.3.0 | - | - |
| batctl | 2014.3.0-2 | 2014.3.0-2 | universe-factory.net |
| bird | 1.4.5-1~bpo70+1 | (1.5 im Bird-Repo) | backports.debian.org |
| bird6 | 1.4.5-1~bpo70+1 | (transitional) | - |
Lokale Pakete (aus Backports)
jq
libjson-c2Zusätzliche laufende Dienste
rng-tools / rngdManuell installierte Software
/usr/local/bin/alfred-json
/usr/local/sbin/alfred
/usr/local/share/man/man8/alfred.8
/usr/local/sbin/batadv-vis
/usr/local/share/man/man8/batadv-vis.8
/usr/sbin/vmtoolsd (und was da noch dran hängt)VMware-Tools
Anstatt die VMware-Tools lokal zu kompilieren empfiehlt VMware die in der Distribution paketierten open-vm-tools + open-vm-tools-dkms zu nutzen.
System-Login
Login ist nur mittels SSH-Keys möglich. Momentan mússen sich die berechtigten Personen als root einloggen.
