echo "# arp引數,檢查一次相鄰層記錄的有效性的週期。當相鄰層記錄失效" >> /etc/sysctl.conf
echo -e "net.ipv4.neigh.default.gc_stale_time=120\n" >> /etc/sysctl.conf
echo "# 路由設定" >> /etc/sysctl.conf
echo -e "net.ipv4.conf.all.rp_filter=0\n" >> /etc/sysctl.conf
echo "#啟用源路由核查功能" >> /etc/sysctl.conf
echo -e "net.ipv4.conf.default.rp_filter=0\n" >> /etc/sysctl.conf
echo "#限制arp 協議要發的要求,2 始終使用最好的解決這一目標" >> /etc/sysctl.conf
echo "net.ipv4.conf.default.arp_announce = 2" >> /etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_announce=2" >> /etc/sysctl.conf
echo -e "net.ipv4.conf.all.arp_announce=2\n" >> /etc/sysctl.conf
echo "#timewait的數量,預設是180000" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_tw_buckets = 100000\n" >> /etc/sysctl.conf
echo "#開啟syn洪水攻擊保護" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_syncookies = 1\n" >> /etc/sysctl.conf
echo "#記錄的那些尚未收到客戶端確認資訊的連線請求的最大值。對於有128m記憶體的系統而言,預設值是1024,小記憶體的系統則是128" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_syn_backlog = 1024\n" >> /etc/sysctl.conf
echo "#為了開啟對端的連線,核心需要傳送乙個syn並附帶乙個回應前面乙個syn的ack。也就是所謂三次握手中的第二次握手。這個設定決定了核心放棄連線之前傳送syn+ack包的數量" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_synack_retries = 2\n" >> /etc/sysctl.conf
echo "#禁用ipv6協議" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.conf=
echo "#髒頁的老化時間,預設30秒,多久刷盤一次" >> /etc/sysctl.conf
echo "vm.dirty_expire_centisecs = 3000" >> /etc/sysctl.conf
echo "#pdflush多久工作一次" >> /etc/sysctl.conf
echo "vm.dirty_writeback_centisecs = 500" >> /etc/sysctl.conf
echo "#如果髒頁到達剩餘的10%,kernel 在調節,而不是pdflush" >> /etc/sysctl.conf
echo "vm.dirty_background_ratio = 10" >> /etc/sysctl.conf
echo "#低位記憶體 30秒一次(到達20%) 小資料檔案,隨即數較多,可以適當把這個值設定大一些,效能更好一些。" >> /etc/sysctl.conf
echo "vm.dirty_ratio = 30 " >> /etc/sysctl.conf
echo "#到達位元組" >> /etc/sysctl.conf
echo "vm.dirty_bytes = 0">> /etc/sysctl.conf
echo "vm.dirty_background_bytes = 0">> /etc/sysctl.conf
sysctl -p
centos7系統初始化優化
防火牆優化 關閉防火牆 systemctl stop firewalld systemctl disable firewalld 開啟防火牆命令 新增乙個埠 firewall cmd zone public add port 80 tcp permanent permanent永久生效,沒有此引數重...
centos7初始化指令碼
centos7初始化指令碼 新裝的虛擬機器或者linux伺服器的初始化指令碼 功能 永久關閉防火牆,selinux 安裝常用工具 配置靜態ip位址 配置阿里源 usr bin bash centos初始化指令碼 time 2020 04 01 防火牆設定 echo 關閉防火牆和selinux sys...
Centos7普通初始化指令碼
bash bash 關閉selinux echo set selinux disabled sed i s selinux selinux disabled etc selinux config setenforce 0 關閉防火牆 echo 關閉防火牆 systemctl stop firewal...