From bf09fe16cc778746c9636c7dd3e596e2c790a7fe Mon Sep 17 00:00:00 2001 From: Mohit Mehta Date: Mon, 17 May 2010 15:23:22 -0700 Subject: Fix Bug 5588 Add ability to modify conntrack expectation table size * added 'firewall conntrack-expect-table-size' to modify expect table's size * added 'firewall conntrack-hash-size' to set hash size for conntrack table --- scripts/firewall/firewall.init.in | 3 +++ 1 file changed, 3 insertions(+) (limited to 'scripts') diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in index d93b13c..22f48fd 100644 --- a/scripts/firewall/firewall.init.in +++ b/scripts/firewall/firewall.init.in @@ -92,6 +92,9 @@ start () { # set conntrack table size sysctl -q -w net.nf_conntrack_max=16384 + + # set conntrack expect table size + sysctl -q -w net.netfilter.nf_conntrack_expect_max=2048 } case "$ACTION" in -- cgit v1.2.3