27 lines
621 B
JSON
27 lines
621 B
JSON
{
|
|
"enable_services": [
|
|
"apparmor.service",
|
|
"auditd.service"
|
|
],
|
|
"sysctl": {
|
|
"fs.protected_hardlinks": "1",
|
|
"fs.protected_symlinks": "1",
|
|
"kernel.dmesg_restrict": "1",
|
|
"kernel.kptr_restrict": "2",
|
|
"kernel.unprivileged_bpf_disabled": "1",
|
|
"kernel.yama.ptrace_scope": "1",
|
|
"net.ipv4.conf.all.accept_redirects": "0",
|
|
"net.ipv4.conf.all.rp_filter": "1",
|
|
"net.ipv4.conf.default.accept_redirects": "0",
|
|
"net.ipv4.conf.default.rp_filter": "1"
|
|
},
|
|
"ufw": {
|
|
"allow": [
|
|
"OpenSSH"
|
|
],
|
|
"default_in": "deny",
|
|
"default_out": "allow",
|
|
"enable": true
|
|
}
|
|
}
|