diff --git a/etc/sysctl.d/10-default.conf b/etc/sysctl.d/10-default.conf
new file mode 100644
index 0000000..a4c998a
--- /dev/null
+++ b/etc/sysctl.d/10-default.conf
@@ -0,0 +1,29 @@
+# Do not edit, changes to this file will be lost on upgrades
+# /etc/sysctl.conf can be used to customize sysctl settings
+
+kernel.panic=3
+kernel.core_pattern=/tmp/%e.%t.%p.%s.core
+fs.suid_dumpable=2
+
+fs.protected_hardlinks=1
+fs.protected_symlinks=1
+
+net.core.bpf_jit_enable=1
+net.core.bpf_jit_kallsyms=1
+
+net.ipv4.conf.default.arp_ignore=1
+net.ipv4.conf.all.arp_ignore=1
+net.ipv4.ip_forward=1
+net.ipv4.icmp_echo_ignore_broadcasts=1
+net.ipv4.icmp_ignore_bogus_error_responses=1
+net.ipv4.igmp_max_memberships=100
+net.ipv4.tcp_fin_timeout=30
+net.ipv4.tcp_keepalive_time=120
+net.ipv4.tcp_syncookies=1
+net.ipv4.tcp_timestamps=1
+net.ipv4.tcp_sack=1
+net.ipv4.tcp_dsack=1
+net.ipv4.tcp_max_syn_backlog=8192
+
+net.ipv6.conf.default.forwarding=1
+net.ipv6.conf.all.forwarding=1