base-files: tune fragment queue thresholds for available system memory

The default fragment low/high thresholds are 3 and 4 MB. On devices with
only 32MB RAM, these settings may lead to OOM when many fragments that
cannot be reassembled are received. Decrease fragment low/high thresholds
to 384 and 512 kB on devices with less than 64 MB RAM.

Signed-off-by: Matthias Schiffer <[email protected]>

package/base-files/Makefile

@@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/version.mk
 include $(INCLUDE_DIR)/feeds.mk
 
 PKG_NAME:=base-files
-PKG_RELEASE:=185
+PKG_RELEASE:=186
 PKG_FLAGS:=nonshared
 
 PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/

package/base-files/files/etc/init.d/sysctl

@@ -3,22 +3,33 @@
 
 START=11
 
-set_vm_min_free() {
-	mem="$(grep MemTotal /proc/meminfo  | awk '{print $2}')"
+apply_defaults() {
+	local mem="$(awk '/^MemTotal:/ {print $2}' /proc/meminfo)"
+	local min_free frag_low_thresh frag_high_thresh
+
 	if [ "$mem" -gt 65536 ]; then # 128M
-		val=16384
+		min_free=16384
 	elif [ "$mem" -gt 32768 ]; then # 64M
-		val=8192
-	elif [ "$mem" -gt 16384 ]; then # 32M
-		val=1024
+		min_free=8192
 	else
-		return
+		min_free=1024
+		frag_low_thresh=393216
+		frag_high_thresh=524288
 	fi
-	sysctl -qw vm.min_free_kbytes="$val"
+
+	sysctl -qw vm.min_free_kbytes="$min_free"
+
+	[ "$frag_low_thresh" ] && sysctl -qw \
+		net.ipv4.ipfrag_low_thresh="$frag_low_thresh" \
+		net.ipv4.ipfrag_high_thresh="$frag_high_thresh" \
+		net.ipv6.ip6frag_low_thresh="$frag_low_thresh" \
+		net.ipv6.ip6frag_high_thresh="$frag_high_thresh" \
+		net.netfilter.nf_conntrack_frag6_low_thresh="$frag_low_thresh" \
+		net.netfilter.nf_conntrack_frag6_high_thresh="$frag_high_thresh"
 }
 
 start() {
-	set_vm_min_free
+	apply_defaults
 	for CONF in /etc/sysctl.conf /etc/sysctl.d/*.conf; do
 		[ -f "$CONF" ] && sysctl -p "$CONF" -e >&-
 	done