IPv4 Alanları
net.ipv4.ip_unprivileged_port_start
Örnek
Şöyle yaparız. Burada dosya ismi sysctl.conf değil ama yine de örneği not almak istedim.
echo "net.ipv4.ip_unprivileged_port_start=100" > /etc/sysctl.d/privileged_ports.conf
net.ipv4.conf.all.forwarding Alanı
Örnek
Trafiği bir proxy'e yönlendirmek için şöyle yaparız
Fedora üzerinde herkesin pin yapabilmesini sağlar. Açıklaması şöyle
Bu alanın değerini görmek için şöyle yaparız
Linus Torvalds swappiness özelliğini 1992'de eklemiş. Açıklaması şöyle.
Bu özelliğe paging veya swapping deniliyor. Ancak bence paging daha doğru bir kelime. Çünkü swapping eskiden biraz daha farklı bir anlamına geliyordu. Açıklaması şöyle.
Şöyle yaparız.
Örnek
Trafiği bir proxy'e yönlendirmek için şöyle yaparız
echo "net.ipv4.conf.all.forwarding = 1" >> /etc/sysctl.conf
sysctl -p
firewall-cmd --permanent --add-masquerade
firewall-cmd --permanent --add-forward-port=port=80:proto=tcp:toport=80:toaddr=TARGET_IP
firewall-cmd --permanent --add-forward-port=port=443:proto=tcp:toport=443:toaddr=TARGET_IP
firewall-cmd --reloadFedora üzerinde herkesin pin yapabilmesini sağlar. Açıklaması şöyle
Enable the Linux kernel's net.ipv4.ping_group_range parameter to cover all groups. This will let all users on the operating system create ICMP Echo sockets without using setuid binaries, or having the CAP_NET_ADMIN and CAP_NET_RAW file capabilities.Örnek
Bu alanın değerini görmek için şöyle yaparız
sysctl net.ipv4.ping_group_range
net.ipv4.ping_group_range = 0 2147483647IPv6 Alanları
IPv6 işlevini kapatmak için şöyle yaparız
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1vm.swappiness Alanı
I remember that, in December, there was this guy in Germany who only had 2 megabytes of RAM, and he was trying to compile the kernel and he couldn't run GCC because GCC at the time needed more than a megabyte. He asked me if Linux could be compiled with a smaller compiler that wouldn't need as much memory. So I decided that even though I didn't need the particular feature, I would make it happen for him. It's called page-to-disk, and it means that even though someone only has 2 mgs of RAM, he can make it appear to be more using the disk for memory. This was around Christmas 1991.Böylece mevcut RAM'dan daha fazla belleğe ihtiyaç duyan uygulamalar bile çalıştırabiliyor.
Bu özelliğe paging veya swapping deniliyor. Ancak bence paging daha doğru bir kelime. Çünkü swapping eskiden biraz daha farklı bir anlamına geliyordu. Açıklaması şöyle.
Swapping is a concept predating virtual memory and even memory protection: it just means putting a process on disk to make room for another. The original Unix had two quirks in that regard: "shared text" programs that kept the program code only once in memory and swapped out the data section only. And it had the "fork" system call that swapped out a process to disk while not replacing the memory image and instead keeping a copy (the child) running.Pagin ise klasik anlamda belleğin sayfalar şeklinde kullanılması anlama geliyor. Açıklaması şöyle.
Page-to-disk, as opposed to swapping, allows for processes to run that do not fit the physical memory. It requires all of protectable memory, memory mapping of virtual addresses to physical addresses, and a restartable page fault mechanism that will allow to change the mapping from an unmapped virtual address to a reasonably selectable physical address and resuming the command that had to be aborted because of the missing mapping.İlk UNIX'ler MMU olmadan bile bir şekilde pagin yapabiliyomuş. Açıklaması şöyle.
UNIX was able to run on 68000 processors (including swapping) without MMU, and it made good use of an MMU if available for memory protection, but it took the 68010 to actually have the mechanisms allowing for resuming a program after a page fault.Bu özellik ile Linux işletim sistemi Minıx'in bir adım önüne geçmiş. Açıklaması şöyle
Page-to-disk was a fairly big thing because it was something Minix had never done. It was included in version 0.12, which was released in the first week of January 1992. Immediately, people started to compare Linux not only to Minix but to Coherent, which was a small Unix clone developed by Mark Williams Company. From the beginning, the act of adding page-to-disk caused Linux to rise above the competition.Aslında bu özellik UNIX'te eskiden beri vardı. Açıklaması şöyle
That's when Linux took off. Suddenly there were people switching from Minix to Linux.
To be clear, swapping wasn't an innovative feature: most “serious” Unix systems had it, and the feature is older than Unix. What swapping did for Linux was to turn it into a “serious” Unix, whereas MINIX was meant for educational purposes.Açıklaması şöyle.
Swapping today is still the same concept. The heuristics for deciding which pages to save and when to save them have become a lot more complex, but the basic principle remains.
Even if there is still available RAM, the Linux Kernel will move memory pages which are hardly ever used into swap space.Bir başka açıklama şöyle. Swapiness'ı azaltmak istersek bu değeri 1 yapmak gerekir.
It’s good to swap out memory pages that have been inactive for a while, keeping often-used data in cache; this is the desired situation of the Kernel.
You can have more control on this by using vfs_cache_pressure (which controls the tendency of the kernel to reclaim the memory which is used for caching of directory and inode objects) and swappiness (which controls how aggressive the kernel will swap memory pages: higher values will increase aggressiveness, lower values decrease the amount of swap).
You can find these settings in /etc/sysctl.conf.
This will determine the tendency of the kernel to swap out memory pages. In may cases, you will want to set this to "1" to keep the swapping to a minimum. A value of "0" will disable it entirely.Bu değerin şimdiki halini görmek için şöyle yaparız
cat /proc/sys/vm/swappinessŞöyle yaparız.
vm.swappiness=80
Hiç yorum yok:
Yorum Gönder