diff options
Diffstat (limited to 'templates-cfg/system/conntrack/timeout')
15 files changed, 159 insertions, 0 deletions
diff --git a/templates-cfg/system/conntrack/timeout/icmp/node.def b/templates-cfg/system/conntrack/timeout/icmp/node.def new file mode 100644 index 0000000..952178e --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/icmp/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: ICMP timeout in seconds + +default: 30 + +val_help: u32:1-21474836; ICMP timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_icmp_timeout=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_icmp_timeout=30 diff --git a/templates-cfg/system/conntrack/timeout/node.def b/templates-cfg/system/conntrack/timeout/node.def new file mode 100644 index 0000000..f0193c6 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/node.def @@ -0,0 +1 @@ +help: Connection timeout options
\ No newline at end of file diff --git a/templates-cfg/system/conntrack/timeout/other/node.def b/templates-cfg/system/conntrack/timeout/other/node.def new file mode 100644 index 0000000..a794bb7 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/other/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: Generic connection timeout in seconds + +default: 600 + +val_help: u32:1-21474836; Generic connection timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_generic_timeout=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_generic_timeout=600 diff --git a/templates-cfg/system/conntrack/timeout/tcp/close-wait/node.def b/templates-cfg/system/conntrack/timeout/tcp/close-wait/node.def new file mode 100644 index 0000000..0491b68 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/close-wait/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: TCP CLOSE-WAIT timeout in seconds + +default: 60 + +val_help: u32:1-21474836; TCP CLOSE-WAIT timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close_wait=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close_wait=60 diff --git a/templates-cfg/system/conntrack/timeout/tcp/close/node.def b/templates-cfg/system/conntrack/timeout/tcp/close/node.def new file mode 100644 index 0000000..38317d5 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/close/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: TCP CLOSE timeout in seconds + +default: 10 + +val_help: u32:1-21474836; TCP CLOSE timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close=10 diff --git a/templates-cfg/system/conntrack/timeout/tcp/established/node.def b/templates-cfg/system/conntrack/timeout/tcp/established/node.def new file mode 100644 index 0000000..9e47f1e --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/established/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: TCP ESTABLISHED timeout in seconds + +default: 432000 + +val_help: u32:1-21474836; TCP ESTABLISHED timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_established=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_established=432000 diff --git a/templates-cfg/system/conntrack/timeout/tcp/fin-wait/node.def b/templates-cfg/system/conntrack/timeout/tcp/fin-wait/node.def new file mode 100644 index 0000000..985a6a4 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/fin-wait/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: TCP FIN-WAIT timeout in seconds + +default: 120 + +val_help: u32:1-21474836; TCP FIN-WAIT timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_fin_wait=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_fin_wait=120 diff --git a/templates-cfg/system/conntrack/timeout/tcp/last-ack/node.def b/templates-cfg/system/conntrack/timeout/tcp/last-ack/node.def new file mode 100644 index 0000000..3e07fe4 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/last-ack/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: TCP LAST-ACK timeout in seconds + +default: 30 + +val_help: u32:1-21474836; TCP LAST-ACK timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_last_ack=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_last_ack=30 diff --git a/templates-cfg/system/conntrack/timeout/tcp/node.def b/templates-cfg/system/conntrack/timeout/tcp/node.def new file mode 100644 index 0000000..2b67c51 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/node.def @@ -0,0 +1 @@ +help: TCP connection timeout options
\ No newline at end of file diff --git a/templates-cfg/system/conntrack/timeout/tcp/syn-recv/node.def b/templates-cfg/system/conntrack/timeout/tcp/syn-recv/node.def new file mode 100644 index 0000000..50c5512 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/syn-recv/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: TCP SYN-RECEIVED timeout in seconds + +default: 60 + +val_help: u32:1-21474836; TCP SYN-RECEIVED timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_recv=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_recv=60 diff --git a/templates-cfg/system/conntrack/timeout/tcp/syn-sent/node.def b/templates-cfg/system/conntrack/timeout/tcp/syn-sent/node.def new file mode 100644 index 0000000..5856ba7 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/syn-sent/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: TCP SYN-SENT timeout in seconds + +default: 120 + +val_help: u32:1-21474836; TCP SYN-SENT timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_sent=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_sent=120 diff --git a/templates-cfg/system/conntrack/timeout/tcp/time-wait/node.def b/templates-cfg/system/conntrack/timeout/tcp/time-wait/node.def new file mode 100644 index 0000000..f6bd1c8 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/tcp/time-wait/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: TCP TIME-WAIT timeout in seconds + +default: 120 + +val_help: u32:1-21474836; TCP TIME-WAIT timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_time_wait=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_time_wait=120 diff --git a/templates-cfg/system/conntrack/timeout/udp/node.def b/templates-cfg/system/conntrack/timeout/udp/node.def new file mode 100644 index 0000000..7ee8fd3 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/udp/node.def @@ -0,0 +1 @@ +help: UDP timeout
\ No newline at end of file diff --git a/templates-cfg/system/conntrack/timeout/udp/other/node.def b/templates-cfg/system/conntrack/timeout/udp/other/node.def new file mode 100644 index 0000000..0018f1c --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/udp/other/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: UDP generic timeout in seconds + +default: 30 + +val_help: u32:1-21474836; UDP generic timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_udp_timeout=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_udp_timeout=30 diff --git a/templates-cfg/system/conntrack/timeout/udp/stream/node.def b/templates-cfg/system/conntrack/timeout/udp/stream/node.def new file mode 100644 index 0000000..d86e683 --- /dev/null +++ b/templates-cfg/system/conntrack/timeout/udp/stream/node.def @@ -0,0 +1,13 @@ +type: u32 + +help: UDP stream timeout in seconds + +default: 180 + +val_help: u32:1-21474836; UDP stream timeout in seconds + +syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836" + +update: sudo sysctl -q -w net/netfilter/nf_conntrack_udp_timeout_stream=$VAR(@) + +delete: sudo sysctl -q -w net/netfilter/nf_conntrack_udp_timeout_stream=180 |