summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMohit Mehta <mohit.mehta@vyatta.com>2009-05-27 13:59:04 -0700
committerMohit Mehta <mohit.mehta@vyatta.com>2009-05-27 13:59:04 -0700
commit4e3586d818580ecc8b9721f3bb47f3efa6d67a5e (patch)
tree10320afc9c5943c46487d502da0bf47f4a5f674a
parentda1827954741209c77c684c13bcc19360c56c1fe (diff)
downloadvyatta-cfg-firewall-4e3586d818580ecc8b9721f3bb47f3efa6d67a5e.tar.gz
vyatta-cfg-firewall-4e3586d818580ecc8b9721f3bb47f3efa6d67a5e.zip
explicitly set conntrack table size to 16384 on system boot
-rw-r--r--scripts/firewall/firewall.init.in3
1 files changed, 3 insertions, 0 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in
index 2c272d8..ea60955 100644
--- a/scripts/firewall/firewall.init.in
+++ b/scripts/firewall/firewall.init.in
@@ -79,6 +79,9 @@ start () {
# cases of packet loss where conntrack can not accurately track the
# connection state
sysctl -q -w net.netfilter.nf_conntrack_tcp_be_liberal=1
+
+ # set conntrack table size
+ sysctl -q -w net.nf_conntrack_max=16384
}
case "$ACTION" in