RaspberryPi

라즈베리파이 - OS 설치후 확인해야 하는 사항

by MaraSong posted Feb 04, 2019
?

단축키

Prev이전 문서

Next다음 문서

ESC닫기

크게 작게 위로 아래로 댓글로 가기 인쇄

라즈베리파이 - OS 설치후 확인해야 하는 사항 

 

 

라즈베리파이에 OS 를 처음 설치하고 (라즈베리안) 각종 파라미터를 확인하는 스크립트입니다.

 

 


cat 00.system.check.sh 


#!/bin/bash

#echo -e "32768\t61000" > /proc/sys/net/ipv4/ip_local_port_range
#$ sysctl -w net.ipv4.tcp_wmem="253952 253952 16777216"
#$ sysctl fs.file-max
#$ sysctl fs.file-nr 

echo "----------------------------------"
check_value=`getenforce`
echo "GetEnforce : ${check_value}"
echo "----------------------------------"
echo -e "Parameter\tNow\tRecommand"
echo "----------------------------------"

# Recommand value = 0
recom_value="0"
for check_param in net.ipv4.tcp_timestamps net.ipv4.conf.all.accept_source_route net.ipv4.ip_forward net.ipv4.conf.all.accept_redirects net.ipv4.tcp_tw_reuse
do
        check_param2=${check_param%*.*}
        check_param3=`echo ${check_param} | sed -e "s/${check_param2}//" | cut -c 2-`
        check_value=`sysctl -n ${check_param}`

        if [ "$check_value" -eq "${recom_value}" ]
        then 
                echo -e "${check_param3}\t${check_value}\t${recom_value}\t OK"
        else
                echo -e "${check_param3}\t${check_value}\t${recom_value}"
                read -s -n1 -p "    ${check_param3} ${check_value}->${recom_value} : Submit Now? (y/n) : " submit_yn
                if [ "$submit_yn" == "y" ]
                then
                        echo -e "\tsysctl -w ${check_param}=${recom_value}"
                        echo "$check_param = \"${recom_value}\"" >> /etc/sysctl.conf 
                fi
                echo ${submit_yn}
        fi
done

# Recommand value = 1
recom_value="1"
for check_param in net.ipv4.icmp_echo_ignore_broadcasts net.ipv4.conf.all.log_martians net.ipv4.tcp_syncookies net.ipv4.tcp_window_scaling 
do
        check_param2=${check_param%*.*}
        check_param3=`echo ${check_param} | sed -e "s/${check_param2}//" | cut -c 2-`
        check_value=`sysctl -n ${check_param}`

        if [ "$check_value" -eq "${recom_value}" ]
        then 
                echo -e "${check_param3}\t${check_value}\t${recom_value}\t OK"
        else
                echo -e "${check_param3}\t${check_value}\t${recom_value}"
                read -s -n1 -p "    ${check_param3} ${check_value}->${recom_value} : Submit Now? (y/n) : " submit_yn
                if [ "$submit_yn" == "y" ]
                then
                        echo -e "\tsysctl -w ${check_param}=${recom_value}"
                        echo "$check_param = \"${recom_value}\"" >> /etc/sysctl.conf 
                fi
                echo ${submit_yn}
        fi
done


check_value=`sysctl -n .net.ipv4.ip_local_port_range`
echo -e "Port.Range\t${check_value}\t1024\t65535"
check_value=`sysctl -n .net.ipv4.tcp_max_syn_backlog`
echo -e "MAX.BackLog\t${check_value}\t1024"

check_value=`sysctl -n net.ipv4.tcp_max_tw_buckets`
echo -e "TcpTW.Buckets\t${check_value}\t65536"

# check : ulimit -a / sysctl -n fs.file-nr
check_value=`sysctl -n fs.file-max`
echo -e "FS.FileMax\t${check_value}\t77052"
check_value=`sysctl -n net.core.netdev_max_backlog`
echo -e "NetdevMxBackLog\t${check_value}\t30000"
check_value=`sysctl -n net.core.somaxconn`
echo -e "MaxConnections\t${check_value}\t1024"

echo "----------------------------------------------------------------------------"
free -m
echo "----------------------------------------------------------------------------"
swap_size=`free -m | grep -i swap | awk '{print $2}'`
if [ "$swap_size" -eq "0" ]
then
        echo -e "----------------------------------------------------------------------------"
        echo -e "\tmkdir /data"
        echo -e "\tdd if=/dev/zero of=/data/swapfile bs=1M count=[1024|2048|8192]"
        echo -e "\tmkswap /data/swapfile"
        echo -e "\tswapon /data/swapfile"
        echo -e "\tchmod 600 swapfile"
        echo -e "\t/data/swapfile swap swap defaults 0 0 >> /etc/fstab"
        echo -e "----------------------------------------------------------------------------"
fi

ulimit -a
echo "----------------------------------------------------------------------------"

echo "sysctl -p"

exit

select submit_yn in "y" "n"
do
echo $submit_yn
break
done

read submit_yn
echo ${submit_yn}


 

실행하면 체크한 파라미터 변경이 필요하면 (y/n) 으로 물어봅니다.

 

y 를 누르면 변경하게 됩니다.

 

system.check.01.jpg

 

system.check.02.jpg

 

 

 

* 추가

# /sbin/sysctl -w net/netfilter/nf_conntrack_tcp_loose=0
# /sbin/sysctl -w net/ipv4/tcp_timestamps=1
# /sbin/sysctl -w net/netfilter/nf_conntrack_max=2000000
# sh -c 'echo 2000000 > /sys/module/nf_conntrack/parameters/hashsize'