From caf95a8362dc8f667d8aa0e7b10120b6c496552e Mon Sep 17 00:00:00 2001
From: Fijxu
Date: Sat, 3 Dec 2022 15:59:42 -0300
Subject: [PATCH] sysctl configs
---
sysctl.d/internettweaks.conf | 45 ++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 sysctl.d/internettweaks.conf
diff --git a/sysctl.d/internettweaks.conf b/sysctl.d/internettweaks.conf
new file mode 100644
index 0000000..cf2c3ba
--- /dev/null
+++ b/sysctl.d/internettweaks.conf
@@ -0,0 +1,45 @@
+#TCP Tweaks
+net.ipv4.tcp_tw_reuse = 1
+net.ipv4.tcp_fastopn = 3
+net.ipv4.tcp_fin_timeout = 10
+
+# disable tcp timestamps to avoid leaking some system information
+# https://www.whonix.org/wiki/Disable_TCP_and_ICMP_Timestamps
+net.ipv4.tcp_timestamps=0
+
+#TCP BBR Congestion Control Algoritm
+net.core.default_qdisc = cake
+net.ipv4.tcp_congestion_control = bbr
+net.ipv4.tcp_notsent_lowat = 16384
+
+#Ignore ICMP Ping requests
+net.ipv4.icmp_echo_ignore_all = 1
+net.ipv6.icmp.echo_ignore_all = 1
+
+#Increase the memory dedicated to the network interfaces
+net.core.rmem_default = 1048576
+net.core.rmem_max = 16777216
+net.core.wmem_default = 1048576
+net.core.wmem_max = 16777216
+net.core.optmem_max = 65536
+net.ipv4.tcp_rmem = 4096 1048576 2097152
+net.ipv4.tcp_wmem = 4096 65536 16777216
+
+net.ipv4.udp_rmem_min = 8192
+net.ipv4.udp_wmem_min = 8192
+
+# increase aslr effectiveness for mmap
+# https://lwn.net/Articles/667790
+vm.mmap_rnd_bits=32
+vm.mmap_rnd_compat_bits=16
+
+#SYN Flood Protection
+
+net.ipv4.tcp_max_syn_backlog = 1024
+net.ipv4.tcp_syn_retries = 6
+net.ipv4.tcp_synack_retries = 3
+net.ipv4.tcp_syncookies = 1
+
+#Linux Netfilter Tweaks
+net.netfilter.nf_conntrack_tcp_timeout_time_wait=30
+net.netfilter.nf_conntrack_tcp_timeout_fin_wait=30
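Review bot: `net.ipv4.tcp_fastopn = 3` in the TCP Tweaks group is a misspelled key, so sysctl will reject it as unknown and TCP Fast Open stays at the kernel default; it should read `net.ipv4.tcp_fastopen = 3`. The file also sets `net.ipv4.tcp_tw_reuse = 1` and then `net.ipv4.tcp_timestamps=0`, but TIME-WAIT reuse relies on TCP timestamps, so the first setting has no effect, and with timestamps off a connection accepted through `tcp_syncookies` loses window scaling and SACK; a comment beside the timestamps line should state that trade-off, e.g. `# trade-off: disables PAWS and tcp_tw_reuse; SYN-cookie connections lose wscale/SACK`. `vm.mmap_rnd_bits=32` and `vm.mmap_rnd_compat_bits=16` are, as far as I know, the x86_64 maxima, and the write fails on architectures with a lower limit, which the comment above them should say. The `net.netfilter.nf_conntrack_*` keys exist only once nf_conntrack is loaded, so they may be skipped at boot unless the module is loaded before sysctl settings are applied.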