summaryrefslogtreecommitdiff
path: root/templates-cfg/system/conntrack/timeout
diff options
context:
space:
mode:
Diffstat (limited to 'templates-cfg/system/conntrack/timeout')
-rw-r--r--templates-cfg/system/conntrack/timeout/icmp/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/node.def1
-rw-r--r--templates-cfg/system/conntrack/timeout/other/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/close-wait/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/close/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/established/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/fin-wait/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/last-ack/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/node.def1
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/syn-recv/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/syn-sent/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/tcp/time-wait/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/udp/node.def1
-rw-r--r--templates-cfg/system/conntrack/timeout/udp/other/node.def13
-rw-r--r--templates-cfg/system/conntrack/timeout/udp/stream/node.def13
15 files changed, 159 insertions, 0 deletions
diff --git a/templates-cfg/system/conntrack/timeout/icmp/node.def b/templates-cfg/system/conntrack/timeout/icmp/node.def
new file mode 100644
index 0000000..952178e
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/icmp/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: ICMP timeout in seconds
+
+default: 30
+
+val_help: u32:1-21474836; ICMP timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_icmp_timeout=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_icmp_timeout=30
diff --git a/templates-cfg/system/conntrack/timeout/node.def b/templates-cfg/system/conntrack/timeout/node.def
new file mode 100644
index 0000000..f0193c6
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/node.def
@@ -0,0 +1 @@
+help: Connection timeout options \ No newline at end of file
diff --git a/templates-cfg/system/conntrack/timeout/other/node.def b/templates-cfg/system/conntrack/timeout/other/node.def
new file mode 100644
index 0000000..a794bb7
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/other/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: Generic connection timeout in seconds
+
+default: 600
+
+val_help: u32:1-21474836; Generic connection timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_generic_timeout=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_generic_timeout=600
diff --git a/templates-cfg/system/conntrack/timeout/tcp/close-wait/node.def b/templates-cfg/system/conntrack/timeout/tcp/close-wait/node.def
new file mode 100644
index 0000000..0491b68
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/close-wait/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: TCP CLOSE-WAIT timeout in seconds
+
+default: 60
+
+val_help: u32:1-21474836; TCP CLOSE-WAIT timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close_wait=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close_wait=60
diff --git a/templates-cfg/system/conntrack/timeout/tcp/close/node.def b/templates-cfg/system/conntrack/timeout/tcp/close/node.def
new file mode 100644
index 0000000..38317d5
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/close/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: TCP CLOSE timeout in seconds
+
+default: 10
+
+val_help: u32:1-21474836; TCP CLOSE timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close=10
diff --git a/templates-cfg/system/conntrack/timeout/tcp/established/node.def b/templates-cfg/system/conntrack/timeout/tcp/established/node.def
new file mode 100644
index 0000000..9e47f1e
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/established/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: TCP ESTABLISHED timeout in seconds
+
+default: 432000
+
+val_help: u32:1-21474836; TCP ESTABLISHED timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_established=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_established=432000
diff --git a/templates-cfg/system/conntrack/timeout/tcp/fin-wait/node.def b/templates-cfg/system/conntrack/timeout/tcp/fin-wait/node.def
new file mode 100644
index 0000000..985a6a4
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/fin-wait/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: TCP FIN-WAIT timeout in seconds
+
+default: 120
+
+val_help: u32:1-21474836; TCP FIN-WAIT timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_fin_wait=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_fin_wait=120
diff --git a/templates-cfg/system/conntrack/timeout/tcp/last-ack/node.def b/templates-cfg/system/conntrack/timeout/tcp/last-ack/node.def
new file mode 100644
index 0000000..3e07fe4
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/last-ack/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: TCP LAST-ACK timeout in seconds
+
+default: 30
+
+val_help: u32:1-21474836; TCP LAST-ACK timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_last_ack=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_last_ack=30
diff --git a/templates-cfg/system/conntrack/timeout/tcp/node.def b/templates-cfg/system/conntrack/timeout/tcp/node.def
new file mode 100644
index 0000000..2b67c51
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/node.def
@@ -0,0 +1 @@
+help: TCP connection timeout options \ No newline at end of file
diff --git a/templates-cfg/system/conntrack/timeout/tcp/syn-recv/node.def b/templates-cfg/system/conntrack/timeout/tcp/syn-recv/node.def
new file mode 100644
index 0000000..50c5512
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/syn-recv/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: TCP SYN-RECEIVED timeout in seconds
+
+default: 60
+
+val_help: u32:1-21474836; TCP SYN-RECEIVED timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_recv=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_recv=60
diff --git a/templates-cfg/system/conntrack/timeout/tcp/syn-sent/node.def b/templates-cfg/system/conntrack/timeout/tcp/syn-sent/node.def
new file mode 100644
index 0000000..5856ba7
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/syn-sent/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: TCP SYN-SENT timeout in seconds
+
+default: 120
+
+val_help: u32:1-21474836; TCP SYN-SENT timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_sent=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_sent=120
diff --git a/templates-cfg/system/conntrack/timeout/tcp/time-wait/node.def b/templates-cfg/system/conntrack/timeout/tcp/time-wait/node.def
new file mode 100644
index 0000000..f6bd1c8
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/tcp/time-wait/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: TCP TIME-WAIT timeout in seconds
+
+default: 120
+
+val_help: u32:1-21474836; TCP TIME-WAIT timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_time_wait=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_time_wait=120
diff --git a/templates-cfg/system/conntrack/timeout/udp/node.def b/templates-cfg/system/conntrack/timeout/udp/node.def
new file mode 100644
index 0000000..7ee8fd3
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/udp/node.def
@@ -0,0 +1 @@
+help: UDP timeout \ No newline at end of file
diff --git a/templates-cfg/system/conntrack/timeout/udp/other/node.def b/templates-cfg/system/conntrack/timeout/udp/other/node.def
new file mode 100644
index 0000000..0018f1c
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/udp/other/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: UDP generic timeout in seconds
+
+default: 30
+
+val_help: u32:1-21474836; UDP generic timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_udp_timeout=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_udp_timeout=30
diff --git a/templates-cfg/system/conntrack/timeout/udp/stream/node.def b/templates-cfg/system/conntrack/timeout/udp/stream/node.def
new file mode 100644
index 0000000..d86e683
--- /dev/null
+++ b/templates-cfg/system/conntrack/timeout/udp/stream/node.def
@@ -0,0 +1,13 @@
+type: u32
+
+help: UDP stream timeout in seconds
+
+default: 180
+
+val_help: u32:1-21474836; UDP stream timeout in seconds
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
+
+update: sudo sysctl -q -w net/netfilter/nf_conntrack_udp_timeout_stream=$VAR(@)
+
+delete: sudo sysctl -q -w net/netfilter/nf_conntrack_udp_timeout_stream=180