X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fkernel.yaml;h=94b15d4b889cdf25ec3662c69ad1885f4e801531;hb=3a624e6fc169d80c0df1fefdb0da1d1946da2ad2;hp=2915795983322f2f8915d55470f6ecad6d3184da;hpb=51a43d81acd17d36bff47b01c353f580fc2ffc03;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/kernel.yaml b/puppet/services/kernel.yaml
index 29157959..94b15d4b 100644
--- a/puppet/services/kernel.yaml
+++ b/puppet/services/kernel.yaml
@@ -31,6 +31,7 @@ outputs:
       config_settings:
         kernel_modules:
           nf_conntrack: {}
+          nf_conntrack_proto_sctp: {}
         sysctl_settings:
           net.ipv4.tcp_keepalive_intvl:
             value: 1
@@ -38,6 +39,20 @@ outputs:
             value: 5
           net.ipv4.tcp_keepalive_time:
             value: 5
+          net.ipv4.conf.default.send_redirects:
+            value: 0
+          net.ipv4.conf.all.send_redirects:
+            value: 0
+          net.ipv4.conf.default.accept_redirects:
+            value: 0
+          net.ipv4.conf.default.secure_redirects:
+            value: 0
+          net.ipv4.conf.all.secure_redirects:
+            value: 0
+          net.ipv4.conf.default.log_martians:
+            value: 1
+          net.ipv4.conf.all.log_martians:
+            value: 1
           net.nf_conntrack_max:
             value: 500000
           net.netfilter.nf_conntrack_max:
@@ -51,9 +66,17 @@ outputs:
             value: 0
           net.ipv6.conf.default.autoconf:
             value: 0
+          net.ipv6.conf.default.accept_redirects:
+            value: 0
+          net.ipv6.conf.all.accept_redirects:
+            value: 0
           net.core.netdev_max_backlog:
             value: 10000
           kernel.pid_max:
             value: {get_param: KernelPidMax}
+          kernel.dmesg_restrict:
+            value: 1
+          fs.suid_dumpable:
+            value: 0
       step_config: |
         include ::tripleo::profile::base::kernel