| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Revert "fix(sysctl): enable net.ipv4.ip_forward for NAT bridges" |  sommerfeld | 9 days | 1 | -5/+0 |
| | | | | | This reverts commit eca1a71fc486690489f7aef671d7beccc2ec3f25. | ||||
| * | fix(sysctl): enable net.ipv4.ip_forward for NAT bridges | sommerfeld | 9 days | 1 | -0/+5 |
| | | | | | | | | waydroid (and libvirt with finicky guests) need the host to route between their NAT bridge and the upstream NIC. libvirtd usually enables this on demand but it doesn't persist, so the container has no internet on a fresh boot until something else flips the bit. | ||||
| * | feat(net): nftables laptop firewall | sommerfeld | 2026-05-13 | 1 | -0/+13 |
| | | | | | | | | | | | | | | Default-deny inbound, allow outbound. Scoped to 'inet filter' with 'destroy table' on reload so podman/netavark tables are preserved. - meta/base.txt: add nftables - systemd-units/system/base.txt: enable nftables.service - etc/nftables.conf: laptop ruleset (loopback, ct state, ICMP/ICMPv6 essentials, DHCPv6 client, default-drop input/forward, accept output) - etc/sysctl.d/99-sysctl.conf: rp_filter=2, no redirects, no source-route, log_martians - README.md: firewall section with reload caveat | ||||
| * | system: add zram swap via zram-generator | sommerfeld | 2026-04-21 | 1 | -0/+4 |
| | | | | | | Cap at 8 GiB, zstd compression. Tune VM for RAM-backed swap: high swappiness, no read-ahead clustering. | ||||
| * | Change event_paranoid for better profiling |  Arnold Sommerfeld | 2024-03-13 | 1 | -1/+1 |
| | | |||||
| * | first commit | Arnold Sommerfeld | 2023-10-18 | 1 | -0/+19 |
 |
index : dotfiles | |
| My linux config and rc files | sommerfeld <sommerfeld@sommerfeld.dev> |
| aboutsummaryrefslogtreecommitdiffstatshomepage |