diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-05-25 20:35:45 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-05-25 20:35:45 +0200 |
| commit | 9a220d534356b20587058e6f7f6455004b059c05 (patch) | |
| tree | 7f4afa4a07ee30e780c592bedf4f01727dee4797 | |
| parent | 51df1cce804841a3868b0453db573d5462d9682f (diff) | |
| download | vyatta-conntrack-9a220d534356b20587058e6f7f6455004b059c05.tar.gz vyatta-conntrack-9a220d534356b20587058e6f7f6455004b059c05.zip | |
conntrack: T3535: call new Python helper script on table size changes
| -rw-r--r-- | templates-cfg/system/conntrack/node.def | 4 | ||||
| -rw-r--r-- | templates-cfg/system/conntrack/table-size/node.def | 12 |
2 files changed, 5 insertions, 11 deletions
diff --git a/templates-cfg/system/conntrack/node.def b/templates-cfg/system/conntrack/node.def index acffd98..f66d77d 100644 --- a/templates-cfg/system/conntrack/node.def +++ b/templates-cfg/system/conntrack/node.def @@ -8,7 +8,7 @@ delete: # set conntrack table size to standard 262144 entries if conntrack setti # set conntrack expect table size to standard 2048 entries if conntrack settings are removed sudo sysctl -q -w net/netfilter/nf_conntrack_expect_max=2048 - # set conntrack hash size to standard 32768 + # set conntrack hash size to standard 32768 if ! grep -q "nf_conntrack hashsize=32768$" /etc/modprobe.d/vyatta_nf_conntrack.conf then sudo sh -c "sed -i -e '/options nf_conntrack hashsize/d' \ @@ -20,5 +20,5 @@ delete: # set conntrack table size to standard 262144 entries if conntrack setti # need to restart conntrackd with updated conntrack table size if cli-shell-api existsActive service conntrack-sync; then - sudo /opt/vyatta/sbin/vyatta-conntrack-sync.pl --action=enable + /usr/libexec/vyos/conf_mode/conntrack_sync.py fi diff --git a/templates-cfg/system/conntrack/table-size/node.def b/templates-cfg/system/conntrack/table-size/node.def index 6fceb44..9f4da3f 100644 --- a/templates-cfg/system/conntrack/table-size/node.def +++ b/templates-cfg/system/conntrack/table-size/node.def @@ -1,6 +1,6 @@ # # Config template for: system conntrack table-size -# +# # Sets the size of the TCP connection tracking table in the netfilter # nf_conntrack module, which is used by firewall and NAT. The size of # this table determines how many TCP connections can be simultaneously @@ -18,7 +18,7 @@ type: u32 help: Size of connection tracking table -default: 262144 +default: 262144 val_help: u32:1-50000000; Number of entries allowed in connection tracking table @@ -28,11 +28,5 @@ update: sudo sysctl -q -w net/nf_conntrack_max=$VAR(@) # need to restart conntrackd with updated conntrack table size if cli-shell-api existsActive service conntrack-sync; then - sudo /opt/vyatta/sbin/vyatta-conntrack-sync.pl --action=enable + /usr/libexec/vyos/conf_mode/conntrack_sync.py fi - - - - - - |