tcp.sh

#-----------------------------------------------------------|
# INTERFACE SETTINGS
# ==================
# Please understand these before changing them.
#-----------------------------------------------------------|

#load irc and ftp conntrack helpers if they exist
/sbin/modprobe ip_conntrack_irc &>/dev/null
/sbin/modprobe ip_conntrack_ftp &>/dev/null

#ip fowarding (these must be 1 to be able to forward packets between interfaces!)
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding

#tcp/ip stack tunings
echo "32768 61000" > /proc/sys/net/ipv4/ip_local_port_range
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
#echo 32768 > /proc/sys/net/ipv4/ip_conntrack_max
echo 1800 > /proc/sys/net/ipv4/tcp_keepalive_time
echo 60 > /proc/sys/net/ipv4/tcp_fin_timeout
echo 1 > /proc/sys/net/ipv4/tcp_syn_retries
echo 1 > /proc/sys/net/ipv4/tcp_synack_retries
echo 1 > /proc/sys/net/ipv4/tcp_fack
echo 1 > /proc/sys/net/ipv4/tcp_sack
echo 1 > /proc/sys/net/ipv4/tcp_timestamps
echo 1 > /proc/sys/net/ipv4/tcp_window_scaling
echo 1 > /proc/sys/net/ipv4/tcp_rfc1337
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/all/arp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/log_martians
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route

#increase the default kernel tcp/ip stack memory settings
echo "4096 87380 8388608" > /proc/sys/net/ipv4/tcp_rmem
echo "4096 65536 8388608" > /proc/sys/net/ipv4/tcp_wmem
echo "8388608 8388608 8388608" > /proc/sys/net/ipv4/tcp_mem
echo 87380 > /proc/sys/net/core/rmem_default
echo 65536 > /proc/sys/net/core/wmem_default
echo 8388608 > /proc/sys/net/core/wmem_max
echo 8388608 > /proc/sys/net/core/rmem_max

#------------------------------------------------------------------------------------------|