Date: Monday, September 17, 2012 @ 02:48:07 Author: bisson Revision: 166731
remove ipv6 privacy extensions (FS#30278: it goes against the RFC and default implementation behavior) and improve on the consistency and conciseness of comments Modified: procps-ng/trunk/PKGBUILD procps-ng/trunk/sysctl.conf -------------+ PKGBUILD | 2 +- sysctl.conf | 35 +++++++++++++++-------------------- 2 files changed, 16 insertions(+), 21 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2012-09-17 05:26:17 UTC (rev 166730) +++ PKGBUILD 2012-09-17 06:48:07 UTC (rev 166731) @@ -18,7 +18,7 @@ source=(procps-ng-${pkgver}.tar.gz::http://gitorious.org/procps/procps/archive-tarball/v${pkgver} sysctl.conf) sha1sums=('e78a098f1a3c06722155800cc5cfa0c865af03c0' - 'efb6cdc17ee39be8433ae9c8e9bb02d1f47eeefc') + '97ff07bab9aa5daa8d54a1346f73ba74f8e12a53') build() { cd "${srcdir}/procps-procps" Modified: sysctl.conf =================================================================== --- sysctl.conf 2012-09-17 05:26:17 UTC (rev 166730) +++ sysctl.conf 2012-09-17 06:48:07 UTC (rev 166731) @@ -1,46 +1,41 @@ -# /etc/sysctl.conf - Configuration file for setting system variables -# See sysctl.conf (5) for information. +# Configuration file for runtime kernel parameters. +# See sysctl.conf(5) for more information. -# you can have the CD-ROM close when you use it, and open -# when you are done. +# Have the CD-ROM close when you use it, and open when you are done. +#dev.cdrom.autoclose = 1 #dev.cdrom.autoeject = 1 -#dev.cdrom.autoclose = 1 -# protection from the SYN flood attack +# Protection from the SYN flood attack. net.ipv4.tcp_syncookies = 1 -# see the evil packets in your log files +# See evil packets in your logs. #net.ipv4.conf.all.log_martians = 1 -# if not functioning as a router, there is no need to accept redirects or source routes +# Never accept redirects or source routes (these are only useful for routers). #net.ipv4.conf.all.accept_redirects = 0 #net.ipv4.conf.all.accept_source_route = 0 #net.ipv6.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_source_route = 0 -# Disable packet forwarding +# Disable packet forwarding. net.ipv4.ip_forward = 0 net.ipv6.conf.all.forwarding = 0 -# Enable IPv6 Privacy Extensions -net.ipv6.conf.default.use_tempaddr = 2 -net.ipv6.conf.all.use_tempaddr = 2 +# Tweak the port range used for outgoing connections. +#net.ipv4.ip_local_port_range = 32768 61000 -# sets the port range used for outgoing connections -#net.ipv4.ip_local_port_range = 32768 61000 - -# Swapping too much or not enough? Disks spinning up when you'd -# rather they didn't? Tweak these. +# Tweak those values to alter disk syncing and swap behavior. #vm.vfs_cache_pressure = 100 #vm.laptop_mode = 0 #vm.swappiness = 60 +# Tweak how the flow of kernel messages is throttled. #kernel.printk_ratelimit_burst = 10 #kernel.printk_ratelimit = 5 -#kernel.panic_on_oops = 0 -# Reboot 600 seconds after a panic +# Reboot 600 seconds after kernel panic or oops. +#kernel.panic_on_oops = 1 #kernel.panic = 600 -# Disable SysRq key (note: console security issues) +# Disable SysRq key to avoid console security issues. kernel.sysrq = 0