From 821ec86eba3cef12188c060f1813aa3989b3b9f7 Mon Sep 17 00:00:00 2001
From: Gaurav <gaurav.sinha@vyatta.com>
Date: Wed, 22 Feb 2012 17:08:47 -0800
Subject: Fixing templates to avoid defaults since these rules override the
 global defaults (cherry picked from commit
 d94051fce5433de66860d762fc0a7aa7186564d9)

---
 .../timeout/custom/rule/node.tag/protocol/tcp/close-wait/node.def    | 5 -----
 .../timeout/custom/rule/node.tag/protocol/tcp/close/node.def         | 5 -----
 .../timeout/custom/rule/node.tag/protocol/tcp/established/node.def   | 5 -----
 .../timeout/custom/rule/node.tag/protocol/tcp/fin-wait/node.def      | 5 -----
 .../timeout/custom/rule/node.tag/protocol/tcp/last-ack/node.def      | 5 -----
 .../timeout/custom/rule/node.tag/protocol/tcp/syn-recv/node.def      | 5 -----
 .../timeout/custom/rule/node.tag/protocol/tcp/syn-sent/node.def      | 5 -----
 .../timeout/custom/rule/node.tag/protocol/tcp/time-wait/node.def     | 5 -----
 8 files changed, 40 deletions(-)

(limited to 'templates-cfg/system/conntrack/timeout')

diff --git a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/close-wait/node.def b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/close-wait/node.def
index 0491b68..c8b12d7 100644
--- a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/close-wait/node.def
+++ b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/close-wait/node.def
@@ -2,12 +2,7 @@ type: u32
 
 help: TCP CLOSE-WAIT timeout in seconds
 
-default: 60
-
 val_help: u32:1-21474836; TCP CLOSE-WAIT timeout in seconds
 
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
 
-update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close_wait=$VAR(@)
-
-delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close_wait=60
diff --git a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/close/node.def b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/close/node.def
index 38317d5..fc6929f 100644
--- a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/close/node.def
+++ b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/close/node.def
@@ -2,12 +2,7 @@ type: u32
 
 help: TCP CLOSE timeout in seconds
 
-default: 10
-
 val_help: u32:1-21474836; TCP CLOSE timeout in seconds
 
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
 
-update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close=$VAR(@)
-
-delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_close=10
diff --git a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/established/node.def b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/established/node.def
index 9e47f1e..9acfd15 100644
--- a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/established/node.def
+++ b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/established/node.def
@@ -2,12 +2,7 @@ type: u32
 
 help: TCP ESTABLISHED timeout in seconds
 
-default: 432000
-
 val_help: u32:1-21474836; TCP ESTABLISHED timeout in seconds
 
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
 
-update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_established=$VAR(@)
-
-delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_established=432000
diff --git a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/fin-wait/node.def b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/fin-wait/node.def
index 985a6a4..f11f16b 100644
--- a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/fin-wait/node.def
+++ b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/fin-wait/node.def
@@ -2,12 +2,7 @@ type: u32
 
 help: TCP FIN-WAIT timeout in seconds
 
-default: 120
-
 val_help: u32:1-21474836; TCP FIN-WAIT timeout in seconds
 
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
 
-update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_fin_wait=$VAR(@)
-
-delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_fin_wait=120
diff --git a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/last-ack/node.def b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/last-ack/node.def
index 3e07fe4..1beb31f 100644
--- a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/last-ack/node.def
+++ b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/last-ack/node.def
@@ -2,12 +2,7 @@ type: u32
 
 help: TCP LAST-ACK timeout in seconds
 
-default: 30
-
 val_help: u32:1-21474836; TCP LAST-ACK timeout in seconds
 
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
 
-update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_last_ack=$VAR(@)
-
-delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_last_ack=30
diff --git a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/syn-recv/node.def b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/syn-recv/node.def
index 50c5512..6d98386 100644
--- a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/syn-recv/node.def
+++ b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/syn-recv/node.def
@@ -2,12 +2,7 @@ type: u32
 
 help: TCP SYN-RECEIVED timeout in seconds
 
-default: 60
-
 val_help: u32:1-21474836; TCP SYN-RECEIVED timeout in seconds
 
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
 
-update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_recv=$VAR(@)
-
-delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_recv=60
diff --git a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/syn-sent/node.def b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/syn-sent/node.def
index 5856ba7..3343bdb 100644
--- a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/syn-sent/node.def
+++ b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/syn-sent/node.def
@@ -2,12 +2,7 @@ type: u32
 
 help: TCP SYN-SENT timeout in seconds
 
-default: 120
-
 val_help: u32:1-21474836; TCP SYN-SENT timeout in seconds
 
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
 
-update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_sent=$VAR(@)
-
-delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_syn_sent=120
diff --git a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/time-wait/node.def b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/time-wait/node.def
index f6bd1c8..1342cc5 100644
--- a/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/time-wait/node.def
+++ b/templates-cfg/system/conntrack/timeout/custom/rule/node.tag/protocol/tcp/time-wait/node.def
@@ -2,12 +2,7 @@ type: u32
 
 help: TCP TIME-WAIT timeout in seconds
 
-default: 120
-
 val_help: u32:1-21474836; TCP TIME-WAIT timeout in seconds
 
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 21474836) ; "Value must be between 1 and 21474836"
 
-update: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_time_wait=$VAR(@)
-
-delete: sudo sysctl -q -w net/netfilter/nf_conntrack_tcp_timeout_time_wait=120
-- 
cgit v1.2.3