Skip to content
Snippets Groups Projects
Verified Commit 76f6d35b authored by Michal Hrusecky's avatar Michal Hrusecky :mouse:
Browse files

Improve conntrack defaults

parent 04f00e53
No related merge requests found
Hide whitespace changes
Inline Side-by-side
patches/openwrt/branding/0001-base-files-Improve-defaults-for-conntrack.patch 0 → 100644
+ 26
0
View file @ 76f6d35b
From 9d8820d86e03b19f4ea7dbdf130e091045ccf86b Mon Sep 17 00:00:00 2001
From: Michal Hrusecky <michal.hrusecky@nic.cz>
Date: Tue, 17 Jul 2018 11:20:50 +0200
Subject: [PATCH] base-files: Improve defaults for conntrack
---
package/base-files/files/etc/sysctl.d/10-default.conf | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/package/base-files/files/etc/sysctl.d/10-default.conf b/package/base-files/files/etc/sysctl.d/10-default.conf
index 46d079b..484654d 100644
--- a/package/base-files/files/etc/sysctl.d/10-default.conf
+++ b/package/base-files/files/etc/sysctl.d/10-default.conf
@@ -23,3 +23,9 @@ net.ipv4.tcp_dsack=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
+
+net.nf_conntrack_max = 262144
+net.netfilter.nf_conntrack_tcp_timeout_established = 432000
+net.netfilter.nf_conntrack_udp_timeout=60
+net.netfilter.nf_conntrack_udp_timeout_stream=180
+net.netfilter.nf_conntrack_checksum=1
--
2.18.0
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment