Global rate limit for tcp

src/freedombone-mesh-batman

@@ -89,6 +89,15 @@ if [ -e /etc/default/batctl ]; then
     . /etc/default/batctl
 fi
 
+function global_rate_limit {
+    if ! grep -q "tcp_challenge_ack_limit" /etc/sysctl.conf; then
+        echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >> /etc/sysctl.conf
+    else
+        sed -i 's|net.ipv4.tcp_challenge_ack_limit.*|net.ipv4.tcp_challenge_ack_limit = 999999999|g' /etc/sysctl.conf
+    fi
+    sysctl -p
+}
+
 function status {
     batctl o
 }
@@ -175,6 +184,8 @@ function start {
         sudo rm /etc/avahi/services/udisks.service
     fi
 
+    global_rate_limit
+
     # Might have to re-enable wifi
     rfkill unblock $(rfkill list|awk -F: "/phy/ {print $1}") || true
 

src/freedombone-mesh-reset

@@ -42,8 +42,12 @@ case $sel in
        sudo pkill iceweasel
        sudo ${PROJECT_NAME}-image-mesh $USER new
        sudo batman restart
+       if [ -f $HOME/mesh-desktop.sh ]; then
+           $HOME/mesh-desktop.sh
+       else
            dialog --title $"New Identity" \
                   --msgbox $"You now have a new identity" 6 40
+       fi
        ;;
 esac
 

src/freedombone-utils-firewall

@@ -37,6 +37,15 @@ function save_firewall_settings {
     chmod +x /etc/network/if-up.d/iptables
 }
 
+function global_rate_limit {
+    if ! grep -q "tcp_challenge_ack_limit" /etc/sysctl.conf; then
+        echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >> /etc/sysctl.conf
+    else
+        sed -i 's|net.ipv4.tcp_challenge_ack_limit.*|net.ipv4.tcp_challenge_ack_limit = 999999999|g' /etc/sysctl.conf
+    fi
+    sysctl -p
+}
+
 function enable_ipv6 {
     # endure that ipv6 is enabled and can route
     sed -i 's/net.ipv6.conf.all.disable_ipv6.*/net.ipv6.conf.all.disable_ipv6 = 0/g' /etc/sysctl.conf

src/freedombone-utils-setup

@@ -261,6 +261,9 @@ function setup_firewall {
 
     function_check configure_firewall_for_avahi
     configure_firewall_for_avahi
+
+    function_check global_rate_limit
+    global_rate_limit
 }
 
 function setup_utils {