templates-cfg/system/conntrack/expect-table-size/node.def


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

#
# Config template for: system conntrack expect-table-size
# 
# This  is  the  table  of expectations.  Connection tracking expectations are 
# the mechanism used to "expect" RELATED connections to existing ones.  
# Expectations are generally used by "connection tracking helpers"  (sometimes 
# called application level gateways [ALGs]) for more complex protocols such as
# FTP, SIP, H.323. 
#
# default value when no conntrack options set - 2048
# default value when no conntrack options set - 4096
#

type: u32

help: Size of connection tracking expect table

default: 4096

val_help: u32: 1-50000000; Number of entries allowed in connection tracking expect table

syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 50000000) ; "Value must be between 1 and 50000000"

update:
	sudo sysctl -q -w net/netfilter/nf_conntrack_expect_max=$VAR(@)