starred/MYS
1
0
Fork 0
mirror of https://github.com/Pardus-Ahtapot/MYS.git synced 2026-04-25 17:45:56 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #81] Sysctl.conf hatasından dolayı handler çalışması sırasında hata oluşuyor. #4

New issue
Closed
opened 2026-03-02 15:45:33 +03:00 by kerem · 2 comments
kerem commented 2026-03-02 15:45:33 +03:00
Owner
Copy link

Originally created by @zkryakgul on GitHub (Feb 17, 2020).
Original GitHub issue: https://github.com/Pardus-Ahtapot/MYS/issues/81

github.com/Pardus-Ahtapot/MYS@c0236ddd36/ahtapotmys/roles/firewall/handlers/sysctl.yml (L3)

Handler çalışması sırasında sysctl template'i içerisindeki bazı yapılar aşağıda görüldüğü üzere set edilememektedir. (Bazıları interface isimlerinin farklı olmasından ötürü). Bundan ötürü diğer handlerlar çalışamamaktadır.

sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_max: No such file or directory
net.nf_conntrack_max = 65536
net.netfilter.nf_conntrack_tcp_timeout_established = 600
sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established: No such file or directory
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 90
sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait: No such file or directory
net.ipv4.ip_local_port_range = 24576  65534
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.log_martians = 1
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/log_martians: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/log_martians: No such file or directory
net.ipv4.conf.lo.log_martians = 1
net.ipv4.tcp_ecn = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_abort_on_overflow = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_sack = 1
net.ipv4.tcp_dsack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_fin_timeout = 20
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/rp_filter: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/rp_filter: No such file or directory
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.all.accept_source_route = 1
net.ipv4.conf.default.accept_source_route = 1
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/accept_source_route: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/accept_source_route: No such file or directory
net.ipv4.conf.lo.accept_source_route = 1
net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.default.accept_source_route = 0
sysctl: cannot stat /proc/sys/net/ipv6/conf/eth0/accept_source_route: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv6/conf/eth1/accept_source_route: No such file or directory
net.ipv6.conf.lo.accept_source_route = 0
net.ipv4.conf.all.bootp_relay = 1
net.ipv4.conf.default.bootp_relay = 1
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/bootp_relay: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/bootp_relay: No such file or directory
net.ipv4.conf.lo.bootp_relay = 1
net.ipv4.ip_forward = 1
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.default.secure_redirects = 1
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/secure_redirects: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/secure_redirects: No such file or directory
net.ipv4.conf.lo.secure_redirects = 1
net.ipv4.conf.all.send_redirects = 1
net.ipv4.conf.default.send_redirects = 1
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/send_redirects: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/send_redirects: No such file or directory
net.ipv4.conf.lo.send_redirects = 1
net.ipv4.conf.all.proxy_arp = 1
net.ipv4.conf.default.proxy_arp = 1
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/proxy_arp: No such file or directory
sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/proxy_arp: No such file or directory
net.ipv4.conf.lo.proxy_arp = 1
Originally created by @zkryakgul on GitHub (Feb 17, 2020). Original GitHub issue: https://github.com/Pardus-Ahtapot/MYS/issues/81 https://github.com/Pardus-Ahtapot/MYS/blob/c0236ddd36c1ee756c89219da5e5b10eb6fbb9c4/ahtapotmys/roles/firewall/handlers/sysctl.yml#L3 Handler çalışması sırasında sysctl template'i içerisindeki bazı yapılar aşağıda görüldüğü üzere set edilememektedir. (Bazıları interface isimlerinin farklı olmasından ötürü). Bundan ötürü diğer handlerlar çalışamamaktadır. ``` sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_max: No such file or directory net.nf_conntrack_max = 65536 net.netfilter.nf_conntrack_tcp_timeout_established = 600 sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established: No such file or directory net.netfilter.nf_conntrack_tcp_timeout_time_wait = 90 sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait: No such file or directory net.ipv4.ip_local_port_range = 24576 65534 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.conf.all.log_martians = 1 net.ipv4.conf.default.log_martians = 1 sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/log_martians: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/log_martians: No such file or directory net.ipv4.conf.lo.log_martians = 1 net.ipv4.tcp_ecn = 1 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_abort_on_overflow = 1 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_sack = 1 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_fack = 1 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.tcp_fin_timeout = 20 net.ipv4.tcp_retries1 = 3 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 3 net.ipv4.tcp_max_syn_backlog = 4096 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 0 sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/rp_filter: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/rp_filter: No such file or directory net.ipv4.conf.lo.rp_filter = 0 net.ipv4.conf.all.accept_source_route = 1 net.ipv4.conf.default.accept_source_route = 1 sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/accept_source_route: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/accept_source_route: No such file or directory net.ipv4.conf.lo.accept_source_route = 1 net.ipv6.conf.all.accept_source_route = 0 net.ipv6.conf.default.accept_source_route = 0 sysctl: cannot stat /proc/sys/net/ipv6/conf/eth0/accept_source_route: No such file or directory sysctl: cannot stat /proc/sys/net/ipv6/conf/eth1/accept_source_route: No such file or directory net.ipv6.conf.lo.accept_source_route = 0 net.ipv4.conf.all.bootp_relay = 1 net.ipv4.conf.default.bootp_relay = 1 sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/bootp_relay: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/bootp_relay: No such file or directory net.ipv4.conf.lo.bootp_relay = 1 net.ipv4.ip_forward = 1 net.ipv4.conf.all.secure_redirects = 1 net.ipv4.conf.default.secure_redirects = 1 sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/secure_redirects: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/secure_redirects: No such file or directory net.ipv4.conf.lo.secure_redirects = 1 net.ipv4.conf.all.send_redirects = 1 net.ipv4.conf.default.send_redirects = 1 sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/send_redirects: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/send_redirects: No such file or directory net.ipv4.conf.lo.send_redirects = 1 net.ipv4.conf.all.proxy_arp = 1 net.ipv4.conf.default.proxy_arp = 1 sysctl: cannot stat /proc/sys/net/ipv4/conf/eth0/proxy_arp: No such file or directory sysctl: cannot stat /proc/sys/net/ipv4/conf/eth1/proxy_arp: No such file or directory net.ipv4.conf.lo.proxy_arp = 1 ```
kerem closed this issue 2026-03-02 15:45:33 +03:00
kerem commented 2026-03-02 15:45:34 +03:00
Author
Owner
Copy link

@ciari commented on GitHub (May 29, 2020):

Bu aslında bir hata değil, pardus kurumsal sürümde interface isimleri ethX olarak geliyordu. Bu yüzden güvenlik duvarlarında interfaceler eth0 ve eth1 olarak hard coded kabul edildi. Daha sonra pardus 17, debin 9 tabanlı sürümde interface isimleri marka/model/vendor a göre üretilmeye başlanılınca, bu kısım ethX olarak kalmış. Pardus 17 geçişinde gözden kaçırmışız sanırım

<!-- gh-comment-id:636167537 --> @ciari commented on GitHub (May 29, 2020): Bu aslında bir hata değil, pardus kurumsal sürümde interface isimleri ethX olarak geliyordu. Bu yüzden güvenlik duvarlarında interfaceler eth0 ve eth1 olarak hard coded kabul edildi. Daha sonra pardus 17, debin 9 tabanlı sürümde interface isimleri marka/model/vendor a göre üretilmeye başlanılınca, bu kısım ethX olarak kalmış. Pardus 17 geçişinde gözden kaçırmışız sanırım
kerem commented 2026-03-02 15:45:34 +03:00
Author
Owner
Copy link

@zkryakgul commented on GitHub (Jun 1, 2020):

Interface isimleri haricinde aşağıdaki 3 paramatre de hataya sebep olmaktadır:

net.ipv4.netfilter.ip_conntrack_max = 65536
sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_max: No such file or directory

net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 600
sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established: No such file or directory

net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 90
sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait: No such file or directory
<!-- gh-comment-id:636663480 --> @zkryakgul commented on GitHub (Jun 1, 2020): Interface isimleri haricinde aşağıdaki 3 paramatre de hataya sebep olmaktadır: ``` net.ipv4.netfilter.ip_conntrack_max = 65536 sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_max: No such file or directory ``` ``` net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 600 sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established: No such file or directory ``` ``` net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 90 sysctl: cannot stat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait: No such file or directory ```
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
development
No results found.
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/MYS#4
No description provided.