From 54aa0b5523bf032a0c02a5b09c8af499eb7c0f61 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Wed, 10 Aug 2016 22:22:05 +0100
Subject: [PATCH] Global rate limit for client

---
 src/freedombone-client | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/freedombone-client b/src/freedombone-client
index 9b323d1c..787ce416 100755
--- a/src/freedombone-client
+++ b/src/freedombone-client
@@ -57,6 +57,18 @@ SSH_HOST_KEY_ALGORITHMS=$(cat $MAIN_PROJECT_FILE | grep 'SSH_HOST_KEY_ALGORITHMS
 # refresh gpg keys every few hours
 REFRESH_GPG_KEYS_HOURS=2
 
+function global_rate_limit {
+    sudo cp /etc/sysctl.conf ~/sysctl.conf
+    if ! grep -q "tcp_challenge_ack_limit" ~/sysctl.conf; then
+        echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >> ~/sysctl.conf
+    else
+        sed -i 's|net.ipv4.tcp_challenge_ack_limit.*|net.ipv4.tcp_challenge_ack_limit = 999999999|g' ~/sysctl.conf
+    fi
+    sudo cp ~/sysctl.conf /etc/sysctl.conf
+    sudo rm ~/sysctl.conf
+    sudo sysctl -p
+}
+
 function refresh_gpg_keys {
     if [ ! -f /usr/bin/gpg ]; then
         sudo apt-get -y install gnupg
@@ -188,6 +200,7 @@ done
 echo $'Configuring client'
 refresh_gpg_keys
 configure_ssh_client
+global_rate_limit
 configure_monkeysphere
 if [[ $MESH_CLIENT_INSTALL == $'yes' || $MESH_CLIENT_INSTALL == $'y' || $MESH_CLIENT_INSTALL == $'on' ]]; then
     echo $'Installing mesh packages'