From 1681a2b0d725189b4f6f0d19a46d1e0721872f35 Mon Sep 17 00:00:00 2001
From: Xiao Pan <gky44px1999@gmail.com>
Date: Tue, 25 Jun 2024 17:20:32 -0700
Subject: init xyzaa

remove some xyzca specific configs and some xyzaa specific configs
---
 etc/sysctl.d/99-sysctl.conf | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 etc/sysctl.d/99-sysctl.conf

(limited to 'etc/sysctl.d/99-sysctl.conf')

diff --git a/etc/sysctl.d/99-sysctl.conf b/etc/sysctl.d/99-sysctl.conf
new file mode 100644
index 00000000..b9677c02
--- /dev/null
+++ b/etc/sysctl.d/99-sysctl.conf
@@ -0,0 +1,7 @@
+# at least `net.ipv4.ip_forward = 1` is needed for wireguard masquerade? to work. Without will result into can't ping ips, can't curl websites, browser can't visit websites
+# ka seems has this as default, maybe arch linux cloud-init image has this as default?
+# https://forums.rockylinux.org/t/wireguard-masquerade-wont-work/7752
+# https://wiki.archlinux.org/title/Nftables#NAT_with_port_forwarding
+# https://github.com/teddysun/across/blob/acef6b00a6ad062c0e99286ea136d1a246def644/wireguard.sh#L514-L522
+net.ipv4.ip_forward = 1
+net.ipv6.conf.all.forwarding = 1
-- 
cgit v1.2.3-70-g09d2