Connection Tracking Engine Options 218 Enable connection tracking flow accounting Size of connection tracking expect table u32:1-50000000 Number of entries allowed in connection tracking expect table 2048 Hash size for connection tracking table u32:1-50000000 Size of hash to use for connection tracking table 32768 Customized rules to ignore selective connection tracking IPv4 rules Rule number u32:1-999999 Number of conntrack ignore rule Ignore rule number must be between 1 and 999999 #include Destination parameters #include #include #include Interface to ignore connections tracking on any #include Protocol to match (protocol name, number, or "all") all tcp_udp all All IP protocols tcp_udp Both TCP and UDP u32:0-255 IP protocol number <protocol> IP protocol name !<protocol> IP protocol name Source parameters #include #include #include #include IPv6 rules Rule number u32:1-999999 Number of conntrack ignore rule Ignore rule number must be between 1 and 999999 #include Destination parameters #include #include #include Interface to ignore connections tracking on any #include Protocol to match (protocol name, number, or "all") all tcp_udp all All IP protocols tcp_udp Both TCP and UDP u32:0-255 IP protocol number <protocol> IP protocol name !<protocol> IP protocol name Source parameters #include #include #include #include Log connection tracking events per protocol Log connection tracking events for ICMP #include Log connection tracking events for all protocols other than TCP, UDP and ICMP #include Log connection tracking events for TCP #include Log connection tracking events for UDP #include Connection tracking modules FTP connection tracking H.323 connection tracking NFS connection tracking PPTP connection tracking SIP connection tracking SQLnet connection tracking TFTP connection tracking Size of connection tracking table u32:1-50000000 Number of entries allowed in connection tracking table 262144 TCP options Maximum number of TCP half-open connections u32:1-2147483647 Generic connection timeout in seconds 512 Policy to track previously established connections enable disable enable Allow tracking of previously established connections disable Do not allow tracking of previously established connections (enable|disable) enable Maximum number of packets that can be retransmitted without received an ACK u32:1-255 Number of packets to be retransmitted 3 Connection timeout options Define custom timeouts per connection IPv4 rules Rule number u32:1-999999 Number of conntrack rule Ignore rule number must be between 1 and 999999 #include Destination parameters #include #include Interface to ignore connections tracking on any Customize protocol specific timers, one protocol configuration per rule #include Source parameters #include #include IPv6 rules Rule number u32:1-999999 Number of conntrack rule Ignore rule number must be between 1 and 999999 #include Destination parameters #include #include Interface to ignore connections tracking on any Customize protocol specific timers, one protocol configuration per rule #include Source parameters #include #include #include