init xyzaa

remove some xyzca specific configs and some xyzaa specific configs
author: Xiao Pan <gky44px1999@gmail.com> 2024-06-25 17:20:32 -0700
committer: Xiao Pan <gky44px1999@gmail.com> 2024-06-25 17:20:32 -0700
commit: 1681a2b0d725189b4f6f0d19a46d1e0721872f35 (patch)
tree: 7e79b5c6694ffac3d0ad40de344e6e42c6eaf7c0 /etc/sysctl.d/99-sysctl.conf
parent: a15d7097e161a914810e4d8f0ce48578a8224751 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/etc/sysctl.d/99-sysctl.conf b/etc/sysctl.d/99-sysctl.conf
new file mode 100644
index 00000000..b9677c02
--- /dev/null
+++ b/etc/sysctl.d/99-sysctl.conf
@@ -0,0 +1,7 @@
+# at least `net.ipv4.ip_forward = 1` is needed for wireguard masquerade? to work. Without will result into can't ping ips, can't curl websites, browser can't visit websites
+# ka seems has this as default, maybe arch linux cloud-init image has this as default?
+# https://forums.rockylinux.org/t/wireguard-masquerade-wont-work/7752
+# https://wiki.archlinux.org/title/Nftables#NAT_with_port_forwarding
+# https://github.com/teddysun/across/blob/acef6b00a6ad062c0e99286ea136d1a246def644/wireguard.sh#L514-L522
+net.ipv4.ip_forward = 1
+net.ipv6.conf.all.forwarding = 1
author	Xiao Pan <gky44px1999@gmail.com>	2024-06-25 17:20:32 -0700
committer	Xiao Pan <gky44px1999@gmail.com>	2024-06-25 17:20:32 -0700
commit	1681a2b0d725189b4f6f0d19a46d1e0721872f35 (patch)
tree	7e79b5c6694ffac3d0ad40de344e6e42c6eaf7c0 /etc/sysctl.d/99-sysctl.conf
parent	a15d7097e161a914810e4d8f0ce48578a8224751 (diff)