-rw-r--r--Makefile.am1
-rwxr-xr-xdebian/vyatta-cfg-system.postinst.in4
-rw-r--r--sysconf/vyatta-sysctl.conf98
3 files changed, 1 insertions, 102 deletions
diff --git a/Makefile.am b/Makefile.am
index 1978c90a..25ecd23f 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -63,7 +63,6 @@ sysconf_DATA += sysconf/issue.net
sysconf_DATA += sysconf/motd.tail
sysconf_DATA += sysconf/rsyslog.conf
sysconf_DATA += sysconf/securetty
-sysconf_DATA += sysconf/vyatta-sysctl.conf
sysconf_DATA += sysconf/level
sysconf_DATA += sysconf/filecaps
sysconf_DATA += sysconf/capability.conf
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index be73a3ba..d6ea7c53 100755
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -65,9 +65,7 @@ if [ "$sysconfdir" != "/etc" ]; then
fi
done
- cp $sysconfdir/vyatta-sysctl.conf /etc/sysctl.d/30-vyatta-router.conf
-
- # Set file capabilities
+ # Set file capabilities
sed -r -e '/^#/d' -e '/^[[:blank:]]*$/d' < $sysconfdir/filecaps | \
while read capability path; do
touch -c $path
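Review bot: Dropping the `cp` into `/etc/sysctl.d/30-vyatta-router.conf` leaves the copy written by earlier versions of this postinst in place on upgraded systems, so the old values would presumably still be loaded at boot alongside whatever now provides them. If no other package owns that path, the script could clean it up where the copy used to be, e.g. `rm -f /etc/sysctl.d/30-vyatta-router.conf`. The deleted sysconf/vyatta-sysctl.conf also carried hardening defaults (`accept_redirects=0`, `accept_source_route=0`, `tcp_syncookies=1`, `icmp_echo_ignore_broadcasts=1`), and nothing in this diff shows where they are set now, so it is worth confirming that fresh installs still get them. The enclosing `if [ "$sysconfdir" != "/etc" ]` block starts and ends outside the hunk.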
diff --git a/sysconf/vyatta-sysctl.conf b/sysconf/vyatta-sysctl.conf
deleted file mode 100644
index e336ddbb..00000000
--- a/sysconf/vyatta-sysctl.conf
+++ /dev/null
@@ -1,98 +0,0 @@
-#
-# Vyatta router specific sysctl settings.
-# See sysctl.conf (5) for information.
-#
-
-# Panic on OOPS
-kernel.panic_on_oops=1
-
-# Timeout before rebooting on panic
-kernel.panic=60
-
-# Send all core files to /var/core/core.program.pid.time
-kernel.core_pattern=/var/core/core-%e-%p-%t
-
-# ARP configuration
-# arp_filter - allow multiple network interfaces on same subnet
-# arp_announce - avoid local addresses no on target's subnet
-# arp_ignore - reply only if target IP is local_address on the interface
-
-# arp_filter defaults to 1 so set all to 0 so vrrp interfaces can override it.
-net.ipv4.conf.all.arp_filter=0
-
-# https://phabricator.vyos.net/T300
-net.ipv4.conf.all.arp_ignore=0
-
-net.ipv4.conf.all.arp_announce=2
-
-# Enable packet forwarding for IPv4
-net.ipv4.ip_forward=1
-
-# if a primary address is removed from an interface promote the
-# secondary address if available
-net.ipv4.conf.all.promote_secondaries=1
-
-# Ignore ICMP broadcasts sent to broadcast/multicast
-net.ipv4.icmp_echo_ignore_broadcasts=1
-
-# Ignore bogus ICMP errors
-net.ipv4.icmp_ignore_bogus_error_responses=1
-
-# Send ICMP responses with primary address of exiting interface
-net.ipv4.icmp_errors_use_inbound_ifaddr=1
-
-# Log packets with impossible addresses to kernel log
-net.ipv4.conf.all.log_martians=1
-
-# Do not ignore all ICMP ECHO requests by default
-net.ipv4.icmp_echo_ignore_all=0
-
-# Disable source validation by default
-net.ipv4.conf.all.rp_filter=0
-net.ipv4.conf.default.rp_filter=0
-
-# Enable tcp syn-cookies by default
-net.ipv4.tcp_syncookies=1
-
-# Disable accept_redirects by default for any interface
-net.ipv4.conf.all.accept_redirects=0
-net.ipv4.conf.default.accept_redirects=0
-net.ipv6.conf.all.accept_redirects=0
-net.ipv6.conf.default.accept_redirects=0
-
-# Disable accept_source_route by default
-net.ipv4.conf.all.accept_source_route=0
-net.ipv4.conf.default.accept_source_route=0
-net.ipv6.conf.all.accept_source_route=0
-net.ipv6.conf.default.accept_source_route=0
-
-# Enable send_redirects by default
-net.ipv4.conf.all.send_redirects=1
-
-# Increase size of buffer for netlink
-net.core.rmem_max=2097152
-
-# Enable packet forwarding for IPv6
-net.ipv6.conf.all.forwarding=1
-
-# Increase route table limit
-net.ipv6.route.max_size = 262144
-
-# Do not forget IPv6 addresses when a link goes down
-net.ipv6.conf.default.keep_addr_on_down=1
-net.ipv6.conf.all.keep_addr_on_down=1
-
-# Default value of 20 seems to interfere with larger OSPF and VRRP setups
-net.ipv4.igmp_max_memberships = 512
-
-# Enable conntrack helper by default
-net.netfilter.nf_conntrack_helper=1
-
-# Increase default garbage collection thresholds
-net.ipv4.neigh.default.gc_thresh1 = 1024
-net.ipv4.neigh.default.gc_thresh2 = 4096
-net.ipv4.neigh.default.gc_thresh3 = 8192
-#
-net.ipv6.neigh.default.gc_thresh1 = 1024
-net.ipv6.neigh.default.gc_thresh2 = 4096
-net.ipv6.neigh.default.gc_thresh3 = 8192