AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

server script fixes

Browse source
This commit is contained in:
pokamest 2021-03-25 23:26:59 +03:00
parent 99bfd56ef4
commit c6e75d5f86
3 changed files with 24 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

23
client/server_scripts/setup_firewall.sh
View file

@ -1,3 +1,24 @@
sudo sysctl -w net.ipv4.ip_forward=1
sudo iptables -P FORWARD ACCEPT
sudo iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
sudo iptables -C INPUT -p icmp --icmp-type echo-request -j DROP || sudo iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
# Tuning network
sudo sysctl fs.file-max=51200
sudo sysctl net.core.rmem_max=67108864
sudo sysctl net.core.wmem_max=67108864
sudo sysctl net.core.netdev_max_backlog=250000
sudo sysctl net.core.somaxconn=4096
sudo sysctl net.ipv4.tcp_syncookies=1
sudo sysctl net.ipv4.tcp_tw_reuse=1
sudo sysctl net.ipv4.tcp_tw_recycle=0
sudo sysctl net.ipv4.tcp_fin_timeout=30
sudo sysctl net.ipv4.tcp_keepalive_time=1200
sudo sysctl net.ipv4.ip_local_port_range="10000 65000"
sudo sysctl net.ipv4.tcp_max_syn_backlog=8192
sudo sysctl net.ipv4.tcp_max_tw_buckets=5000
sudo sysctl net.ipv4.tcp_fastopen=3
sudo sysctl net.ipv4.tcp_mem="25600 51200 102400"
sudo sysctl net.ipv4.tcp_rmem="4096 87380 67108864"
sudo sysctl net.ipv4.tcp_wmem="4096 65536 67108864"
sudo sysctl net.ipv4.tcp_mtu_probing=1
sudo sysctl net.ipv4.tcp_congestion_control=hybla

2
client/server_scripts/setup_openvpn_server.sh
View file

@ -1,7 +1,7 @@
# CONTAINER_NAME=... this var will be set in ServerController
# Don't run commands in background like sh -c "openvpn &"
pm_apt="/usr/bin/apt-get"; pm_yum="/usr/bin/yum"; if [[ -f "$pm_apt" ]]; then pm=$pm_apt; else pm=$pm_yum; fi; if [[ -f "/usr/bin/sudo" ]]; then $pm install -y -q sudo; fi
pm_apt="/usr/bin/apt-get"; pm_yum="/usr/bin/yum"; if [[ -f "$pm_apt" ]]; then pm=$pm_apt; else pm=$pm_yum; fi; if [[ ! -f "/usr/bin/sudo" ]]; then $pm update -y -q; $pm install -y -q sudo; fi
sudo iptables -P FORWARD ACCEPT
pm_apt="/usr/bin/apt-get"; pm_yum="/usr/bin/yum"; if [[ -f "$pm_apt" ]]; then pm=$pm_apt; else pm=$pm_yum; fi; sudo $pm update -y -q

2
client/server_scripts/setup_shadowsocks_server.sh
View file

@ -1,7 +1,7 @@
# CONTAINER_NAME=... this var will be set in ServerController
# Don't run commands in background like sh -c "openvpn &"
pm_apt="/usr/bin/apt-get"; pm_yum="/usr/bin/yum"; if [[ -f "$pm_apt" ]]; then pm=$pm_apt; else pm=$pm_yum; fi; if [[ -f "/usr/bin/sudo" ]]; then $pm install -y -q sudo; fi
pm_apt="/usr/bin/apt-get"; pm_yum="/usr/bin/yum"; if [[ -f "$pm_apt" ]]; then pm=$pm_apt; else pm=$pm_yum; fi; if [[ ! -f "/usr/bin/sudo" ]]; then $pm update -y -q; $pm install -y -q sudo; fi
sudo iptables -P FORWARD ACCEPT
pm_apt="/usr/bin/apt-get"; pm_yum="/usr/bin/yum"; if [[ -f "$pm_apt" ]]; then pm=$pm_apt; else pm=$pm_yum; fi; sudo $pm update -y -q