diff options
| author | Alex Harpin <development@landsofshadow.co.uk> | 2015-10-02 07:43:42 +0100 |
|---|---|---|
| committer | Alex Harpin <development@landsofshadow.co.uk> | 2015-10-02 07:43:42 +0100 |
| commit | ef5ae91676c8ada2a12ea72f889a54452dd94981 (patch) | |
| tree | 0a962905ab9d0c2322f627928521a10c4cb5e20f /doc/helper/conntrackd.conf | |
| parent | 9f9a63cecdc6ac4f449d3eacda6c591f0de9fbf3 (diff) | |
| parent | 8845f3db20c951fcf1db3229a818cfd185f17f2e (diff) | |
| download | conntrack-tools-ef5ae91676c8ada2a12ea72f889a54452dd94981.tar.gz conntrack-tools-ef5ae91676c8ada2a12ea72f889a54452dd94981.zip | |
Merge remote-tracking branch 'source/master' into upstreamupstream
Diffstat (limited to 'doc/helper/conntrackd.conf')
| -rw-r--r-- | doc/helper/conntrackd.conf | 132 |
1 files changed, 132 insertions, 0 deletions
diff --git a/doc/helper/conntrackd.conf b/doc/helper/conntrackd.conf new file mode 100644 index 0000000..5c07509 --- /dev/null +++ b/doc/helper/conntrackd.conf @@ -0,0 +1,132 @@ +# +# Helper settings +# + +Helper { + # Before this, you have to make sure you have registered the `ftp' + # user-space helper stub via: + # + # nfct add helper ftp inet tcp + # + Type ftp inet tcp { + # + # Set NFQUEUE number you want to use to receive traffic from + # the kernel. + # + QueueNum 0 + + # + # Maximum number of packets waiting in the queue to receive + # a verdict from user-space. Default is 1024. + # + # Rise value if you hit the following error message: + # "nf_queue: full at X entries, dropping packets(s)" + # + QueueLen 10240 + + # + # Set the Expectation policy for this helper. + # + Policy ftp { + # + # Maximum number of simultaneous expectations + # + ExpectMax 1 + # + # Maximum living time for one expectation (in seconds). + # + ExpectTimeout 300 + } + } + Type rpc inet tcp { + QueueNum 1 + QueueLen 10240 + Policy rpc { + ExpectMax 1 + ExpectTimeout 300 + } + } + Type rpc inet udp { + QueueNum 2 + QueueLen 10240 + Policy rpc { + ExpectMax 1 + ExpectTimeout 300 + } + } + Type tns inet tcp { + QueueNum 3 + QueueLen 10240 + Policy tns { + ExpectMax 1 + ExpectTimeout 300 + } + } + Type dhcpv6 inet6 udp { + QueueNum 4 + QueueLen 10240 + Policy dhcpv6 { + ExpectMax 1 + ExpectTimeout 300 + } + } + Type ssdp inet udp { + QueueNum 5 + QueueLen 10240 + Policy ssdp { + ExpectMax 1 + ExpectTimeout 300 + } + } +} + +# +# General settings +# +General { + # + # Set the nice value of the daemon, this value goes from -20 + # (most favorable scheduling) to 19 (least favorable). Using a + # very low value reduces the chances to lose state-change events. + # Default is 0 but this example file sets it to most favourable + # scheduling as this is generally a good idea. See man nice(1) for + # more information. + # + Nice -20 + + # + # Select a different scheduler for the daemon, you can select between + # RR and FIFO and the process priority (minimum is 0, maximum is 99). + # See man sched_setscheduler(2) for more information. Using a RT + # scheduler reduces the chances to overrun the Netlink buffer. + # + # Scheduler { + # Type FIFO + # Priority 99 + # } + + # + # Logfile: on (/var/log/conntrackd.log), off, or a filename + # Default: off + # + LogFile on + + # + # Syslog: on, off or a facility name (daemon (default) or local0..7) + # Default: off + # + #Syslog on + + # + # Lockfile + # + LockFile /var/lock/conntrack.lock + + # + # Unix socket configuration + # + UNIX { + Path /var/run/conntrackd.ctl + Backlog 20 + } +} |