Code Review
/
icn.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
update the committers for icn
[icn.git]
/
deploy
/
cluster
/
resources
/
harden_os.sh
diff --git
a/deploy/cluster/resources/harden_os.sh
b/deploy/cluster/resources/harden_os.sh
index
6cc4e31
..
89ff363
100644
(file)
--- a/
deploy/cluster/resources/harden_os.sh
+++ b/
deploy/cluster/resources/harden_os.sh
@@
-153,6
+153,8
@@
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.log_martians = 1
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.log_martians = 1
net.ipv6.conf.all.accept_redirects = 0
+# TODO forwarding required by k8s
+net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.accept_redirects = 0
EOF
sysctl --system
net.ipv6.conf.default.accept_redirects = 0
EOF
sysctl --system