explicitly set conntrack table size to 16384 on system boot

author: Mohit Mehta <mohit.mehta@vyatta.com> 2009-05-27 13:59:04 -0700
committer: Mohit Mehta <mohit.mehta@vyatta.com> 2009-05-27 13:59:04 -0700
commit: 4e3586d818580ecc8b9721f3bb47f3efa6d67a5e (patch)
tree: 10320afc9c5943c46487d502da0bf47f4a5f674a /scripts/firewall/firewall.init.in
parent: da1827954741209c77c684c13bcc19360c56c1fe (diff)
download: vyatta-cfg-firewall-4e3586d818580ecc8b9721f3bb47f3efa6d67a5e.tar.gz
vyatta-cfg-firewall-4e3586d818580ecc8b9721f3bb47f3efa6d67a5e.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in
index 2c272d8..ea60955 100644
--- a/scripts/firewall/firewall.init.in
+++ b/scripts/firewall/firewall.init.in
@@ -79,6 +79,9 @@ start () {
     # cases of packet loss where conntrack can not accurately track the
     # connection state
     sysctl -q -w net.netfilter.nf_conntrack_tcp_be_liberal=1
+    
+    # set conntrack table size
+    sysctl -q -w net.nf_conntrack_max=16384
 }
 
 case "$ACTION" in
author	Mohit Mehta <mohit.mehta@vyatta.com>	2009-05-27 13:59:04 -0700
committer	Mohit Mehta <mohit.mehta@vyatta.com>	2009-05-27 13:59:04 -0700
commit	4e3586d818580ecc8b9721f3bb47f3efa6d67a5e (patch)
tree	10320afc9c5943c46487d502da0bf47f4a5f674a /scripts/firewall/firewall.init.in
parent	da1827954741209c77c684c13bcc19360c56c1fe (diff)
download	vyatta-cfg-firewall-4e3586d818580ecc8b9721f3bb47f3efa6d67a5e.tar.gz vyatta-cfg-firewall-4e3586d818580ecc8b9721f3bb47f3efa6d67a5e.zip