From 4e3586d818580ecc8b9721f3bb47f3efa6d67a5e Mon Sep 17 00:00:00 2001
From: Mohit Mehta
Date: Wed, 27 May 2009 13:59:04 -0700
Subject: explicitly set conntrack table size to 16384 on system boot
---
scripts/firewall/firewall.init.in | 3 +++
1 file changed, 3 insertions(+)
(limited to 'scripts')
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in
index 2c272d8..ea60955 100644
--- a/scripts/firewall/firewall.init.in
+++ b/scripts/firewall/firewall.init.in
@@ -79,6 +79,9 @@ start () {
 # cases of packet loss where conntrack can not accurately track the
 # connection state
 sysctl -q -w net.netfilter.nf_conntrack_tcp_be_liberal=1
+
+ # set conntrack table size
+ sysctl -q -w net.nf_conntrack_max=16384
 }
 
 case "$ACTION" in
--
cgit v1.2.3
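Review bot: The added `sysctl -q -w net.nf_conntrack_max=16384` in start() hard-codes the ceiling and does not check the exit status, so a failed write (for instance if the conntrack module is not loaded at that point, which this hunk does not show) leaves the kernel default in place and start() carries on. Once the conntrack table is full the kernel drops new connections, so this limit decides how the firewall behaves under a connection flood. It is worth making the value overridable and reporting a failed write, e.g. `sysctl -q -w net.nf_conntrack_max="${CONNTRACK_MAX:-16384}" || echo "failed to set conntrack table size" >&2`, where `CONNTRACK_MAX` is a constructed name and not one taken from this script. The comment could also record why 16384 was chosen, as in `# cap tracked connections at 16384; a full table drops new flows`, and the key could use the `net.netfilter.` prefix to match the line above it. start() begins outside the hunk.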