User Tools

Site Tools


change_for_headless_router

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
change_for_headless_router [2017/11/14 02:10]
admin
change_for_headless_router [2017/12/01 02:14] (current)
admin
Line 67: Line 67:
   net-analyzer/​wireshark netlink pcap   net-analyzer/​wireshark netlink pcap
   net-dns/​dnsmasq -dhcp -id -inotify   net-dns/​dnsmasq -dhcp -id -inotify
 +  net-misc/​wget ipv6 zlib ssl
   sys-apps/​openrc netifrc   sys-apps/​openrc netifrc
   sys-apps/​net-tools arp hostname   sys-apps/​net-tools arp hostname
Line 77: Line 78:
   * emerge --sync   * emerge --sync
   * emerge -DaNuv world   * emerge -DaNuv world
-  * emerge -av hdparm parted iptables dnsmasq ethtool app-misc/​screen gentoolkit u-boot-tools+  * emerge -av hdparm parted iptables dnsmasq ethtool app-misc/​screen gentoolkit u-boot-tools ​net-analyzer/​nmap net-misc/​bridge-utils net-misc/​dhcp net-misc/​dibbler net-misc/​iperf net-misc/​quagga net-misc/​radvd net-misc/​telnet-bsd sys-power/​cpupower sys-process/​vixie-cron net-misc/​ntp syslog-ng
   * Set the hostname   * Set the hostname
   * /​etc/​conf.d/​ip* SAVE_ON_STOP="​no"​   * /​etc/​conf.d/​ip* SAVE_ON_STOP="​no"​
 +  * rc-update del keymaps boot;​rc-update del netmount;​rc-update del termencoding boot
 +  * rc-update add iptables boot default;​rc-update add ip6tables boot default
 +  * cp /​usr/​share/​zoneinfo/​America/​La_Paz /​etc/​localtime
  
 == Firewall == == Firewall ==
 {{ :​iot-gate-imx7-iptables.txt |}} {{ :​iot-gate-imx7-iptables.txt |}}
 +{{ :​iot-gate-imx7-ip6tables.txt |}}
 +
 +== /​etc/​sysctl.conf ==
 +  net.ipv4.conf.default.rp_filter = 1
 +  net.ipv4.conf.all.rp_filter = 1
 +  net.ipv4.tcp_syncookies = 1
 +  net.ipv4.icmp_echo_ignore_broadcasts = 1
 +  kernel.panic = 3
 +  net.ipv6.conf.all.accept_ra=0
 +  net.ipv4.ip_forward = 1
 +  net.ipv6.conf.all.autoconf=0
 +  net.ipv6.conf.default.autoconf=0
 +  net.ipv6.conf.all.accept_ra_defrtr = 0
 +  net.ipv6.conf.default.accept_ra_defrtr = 0
 +  net.ipv6.conf.all.accept_ra = 0
 +  net.ipv6.conf.default.accept_ra = 0
 +  net.ipv4.conf.all.accept_source_route=0
 +  net.ipv4.conf.default.accept_source_route=0
 +  net.ipv4.conf.all.accept_redirects=0
 +  net.ipv4.conf.default.accept_redirects=0
 +  net.ipv4.conf.all.secure_redirects=0
 +  net.ipv4.conf.default.secure_redirects=0
 +  ​
 +Into the **/​etc/​fstab**
 +  none            /tmp                                            tmpfs   ​defaults,​nosuid,​size=32M,​mode=1777
 +  none            /​var/​tmp ​                                       tmpfs   ​defaults,​nosuid,​size=128M,​mode=1777
 +  none            /​var/​lib/​ntp ​                                   tmpfs   ​defaults,​nosuid,​size=32M,​mode=755,​uid=123,​gid=123
 +  none            /​var/​spool/​cron/​lastrun ​                        ​tmpfs ​  ​defaults,​nosuid,​size=1M,​mode=750
 +  ​
 +== Tweak ==
 +/​etc/​local.d/​baselayout1.start
 +  echo -e "​\033[9;​0]"​ >/​dev/​console
 +  echo 5 > /​proc/​sys/​vm/​laptop_mode
 +  echo 10 > /​proc/​sys/​vm/​swappiness
 +  /​usr/​bin/​cpupower frequency-set -g ondemand
 +  ​
change_for_headless_router.1510625414.txt.gz ยท Last modified: 2017/11/14 02:10 by admin