change_for_headless_router
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
change_for_headless_router [2017/11/06 10:31] admin |
change_for_headless_router [2017/12/01 02:14] (current) admin |
||
|---|---|---|---|
| Line 58: | Line 58: | ||
| INPUT_DEVICES="keyboard" | INPUT_DEVICES="keyboard" | ||
| PAX_MARKINGS="XT" | PAX_MARKINGS="XT" | ||
| + | |||
| + | * echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen | ||
| + | * Content of **/etc/portage/package.use**: | ||
| + | |||
| + | app-editors/nano -minimal | ||
| + | app-shells/bash readline | ||
| + | dev-lang/python xml ssl | ||
| + | net-analyzer/wireshark netlink pcap | ||
| + | net-dns/dnsmasq -dhcp -id -inotify | ||
| + | net-misc/wget ipv6 zlib ssl | ||
| + | sys-apps/openrc netifrc | ||
| + | sys-apps/net-tools arp hostname | ||
| + | sys-apps/iproute2 -minimal | ||
| + | sys-apps/kmod tools | ||
| + | sys-apps/hwids udev pci net usb | ||
| + | sys-fs/cryptsetup kernel | ||
| + | sys-process/procps ncurses | ||
| == System packages == | == System packages == | ||
| * emerge --sync | * emerge --sync | ||
| - | * emerge -av hdparm parted iptables dnsmasq ethtool | + | * emerge -DaNuv world |
| + | * emerge -av hdparm parted iptables dnsmasq ethtool app-misc/screen gentoolkit u-boot-tools net-analyzer/nmap net-misc/bridge-utils net-misc/dhcp net-misc/dibbler net-misc/iperf net-misc/quagga net-misc/radvd net-misc/telnet-bsd sys-power/cpupower sys-process/vixie-cron net-misc/ntp syslog-ng | ||
| + | * Set the hostname | ||
| + | * /etc/conf.d/ip* SAVE_ON_STOP="no" | ||
| + | * rc-update del keymaps boot;rc-update del netmount;rc-update del termencoding boot | ||
| + | * rc-update add iptables boot default;rc-update add ip6tables boot default | ||
| + | * cp /usr/share/zoneinfo/America/La_Paz /etc/localtime | ||
| + | |||
| + | == Firewall == | ||
| + | {{ :iot-gate-imx7-iptables.txt |}} | ||
| + | {{ :iot-gate-imx7-ip6tables.txt |}} | ||
| + | |||
| + | == /etc/sysctl.conf == | ||
| + | net.ipv4.conf.default.rp_filter = 1 | ||
| + | net.ipv4.conf.all.rp_filter = 1 | ||
| + | net.ipv4.tcp_syncookies = 1 | ||
| + | net.ipv4.icmp_echo_ignore_broadcasts = 1 | ||
| + | kernel.panic = 3 | ||
| + | net.ipv6.conf.all.accept_ra=0 | ||
| + | net.ipv4.ip_forward = 1 | ||
| + | net.ipv6.conf.all.autoconf=0 | ||
| + | net.ipv6.conf.default.autoconf=0 | ||
| + | net.ipv6.conf.all.accept_ra_defrtr = 0 | ||
| + | net.ipv6.conf.default.accept_ra_defrtr = 0 | ||
| + | net.ipv6.conf.all.accept_ra = 0 | ||
| + | net.ipv6.conf.default.accept_ra = 0 | ||
| + | net.ipv4.conf.all.accept_source_route=0 | ||
| + | net.ipv4.conf.default.accept_source_route=0 | ||
| + | net.ipv4.conf.all.accept_redirects=0 | ||
| + | net.ipv4.conf.default.accept_redirects=0 | ||
| + | net.ipv4.conf.all.secure_redirects=0 | ||
| + | net.ipv4.conf.default.secure_redirects=0 | ||
| + | |||
| + | Into the **/etc/fstab** | ||
| + | none /tmp tmpfs defaults,nosuid,size=32M,mode=1777 | ||
| + | none /var/tmp tmpfs defaults,nosuid,size=128M,mode=1777 | ||
| + | none /var/lib/ntp tmpfs defaults,nosuid,size=32M,mode=755,uid=123,gid=123 | ||
| + | none /var/spool/cron/lastrun tmpfs defaults,nosuid,size=1M,mode=750 | ||
| + | |||
| + | == Tweak == | ||
| + | /etc/local.d/baselayout1.start | ||
| + | echo -e "\033[9;0]" >/dev/console | ||
| + | echo 5 > /proc/sys/vm/laptop_mode | ||
| + | echo 10 > /proc/sys/vm/swappiness | ||
| + | /usr/bin/cpupower frequency-set -g ondemand | ||
| + | | ||
change_for_headless_router.1509964315.txt.gz · Last modified: 2017/11/06 10:31 by admin
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
