Hi all,
I want to ask how to set up nf_conntrack_max the right way with
Shorewall on CentOS 6.
If I use the CentOS firewall (iptables), nf_conntrack_max is set to the value
from the /etc/sysctl.conf file. But with Shorewall it is not; should I use
/etc/shorewall/start?
My configuration:
- services:
    ip6tables   0:off 1:off 2:off 3:off 4:off 5:off 6:off
    iptables    0:off 1:off 2:off 3:off 4:off 5:off 6:off
    shorewall   0:off 1:off 2:on  3:on  4:on  5:on  6:off
    shorewall6  0:off 1:off 2:on  3:on  4:on  5:on  6:off
- /etc/sysconfig/system-config-firewall:
    --disabled
    --port=22:tcp
- /etc/sysctl.conf:
    net.nf_conntrack_max = 262144
    net.netfilter.nf_conntrack_max = 262144
Best regards
--
Karel Ziegler
e-mail: [email protected]
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users