summaryrefslogtreecommitdiff
path: root/doc/sync/notrack/conntrackd.conf
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2009-01-15 23:19:35 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2009-01-15 23:19:35 +0100
commitb28224b0326636ff5832b38817b7720f48070ee7 (patch)
treee1b6856b8c852d9c672af2559e17ecab78355246 /doc/sync/notrack/conntrackd.conf
parent4556b3fb39dd80e958ff70f3496d06ec04f3839d (diff)
downloadconntrack-tools-b28224b0326636ff5832b38817b7720f48070ee7.tar.gz
conntrack-tools-b28224b0326636ff5832b38817b7720f48070ee7.zip
run: limit the number of iterations over the event handling
Currently, the event handling can starve other event file descriptors. This patch limits the number of event handling iterations. The parameter is tunable via configuration file. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'doc/sync/notrack/conntrackd.conf')
-rw-r--r--doc/sync/notrack/conntrackd.conf11
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/sync/notrack/conntrackd.conf b/doc/sync/notrack/conntrackd.conf
index cbc26ee..4d03234 100644
--- a/doc/sync/notrack/conntrackd.conf
+++ b/doc/sync/notrack/conntrackd.conf
@@ -155,6 +155,17 @@ General {
SocketBufferSizeMaxGrowth 8388608
#
+ # The daemon prioritizes the handling of state-change events coming
+ # from the core. With this clause, you can set the maximum number of
+ # state-change events (those coming from kernel-space) that the daemon
+ # will handle after which it will handle other events coming from the
+ # network or userspace. A low value improves interactivity (in terms of
+ # real-time behaviour) at the cost of extra CPU consumption.
+ # Default (if not set) is 100.
+ #
+ # EventIterationLimit 100
+
+ #
# Event filtering: This clause allows you to filter certain traffic,
# There are currently three filter-sets: Protocol, Address and
# State. The filter is attached to an action that can be: Accept or