I am trying to bump up the ip_conntrack_max to something other than the
default of 4096.

I am having a problem when I enter:

loadmodule ip_conntrack hashsize=4095

in the shorewall modules section and save shorewall, it does not take effect
on reboot.

After a reboot I still get this:

# cat /var/log/messages | grep track
Jun 22 16:17:02 firewall kernel: ip_conntrack (512 buckets, 4096 max)

When I should be getting a value of 32760 max, correct??

On the shorewall mailing list Tom suggested that I use:

loadmodule ip_conntrack hashsize=n

Where n is 1/8 of the number of entries that you want in the table.

I also read that neither 'n' nor 'hashsize' must be a power of two. That's
why I chose 4095.
(http://lists.samba.org/pipermail/netfilter-devel/2001-March/000725.html)


I tried with 4096 and 2048, just to see what would happen, but I still get
nothing when the system loads.

If I manually enter:

echo 32760 > /proc/sys/net/ipv4/ip_conntrack_max

It changes the value, but I have no idea if it's actually working or not, or
what to restart?  Any ideas?

.Steve Sobka
[EMAIL PROTECTED]
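
Added example, not part of the original post: a shell check for whether the hashsize option took effect, based on the kernel log line quoted above and the 8-entries-per-bucket ratio mentioned in the post. The function names are hypothetical, and /proc/net/ip_conntrack as the live table listing is an assumption about the poster's kernel.

```shell
#!/bin/sh
# Added example. SAMPLE_LINE is the kernel message quoted in the post.
SAMPLE_LINE='Jun 22 16:17:02 firewall kernel: ip_conntrack (512 buckets, 4096 max)'

# Print "<buckets> <max>" parsed from an ip_conntrack load message.
parse_conntrack_line() {
    printf '%s\n' "$1" | sed -n \
        's/.*ip_conntrack (\([0-9][0-9]*\) buckets, \([0-9][0-9]*\) max).*/\1 \2/p'
}

# check_hashsize WANT LINE: did the module load with hashsize=WANT?
# Prints a verdict; returns 0 if applied, 1 if not, 2 if LINE is unparsable.
check_hashsize() {
    want=$1
    parsed=$(parse_conntrack_line "$2")
    [ -n "$parsed" ] || { echo "unparsable: no ip_conntrack load message"; return 2; }
    buckets=${parsed% *}
    max=${parsed#* }
    if [ "$buckets" -eq "$want" ]; then
        echo "applied: $buckets buckets, $max max"
        return 0
    fi
    # Expected max uses the 1/8 ratio given in the post.
    echo "not applied: wanted $want buckets (max $((want * 8))), kernel has $buckets buckets, $max max"
    return 1
}

# table_usage FILE MAX: percent of MAX in use, counting one entry per line.
table_usage() {
    entries=$(wc -l < "$1")
    echo $((entries * 100 / $2))
}

# On the firewall itself (paths assumed, see lead-in):
#   check_hashsize 4095 "$(grep 'ip_conntrack (' /var/log/messages | tail -n 1)"
#   table_usage /proc/net/ip_conntrack "$(cat /proc/sys/net/ipv4/ip_conntrack_max)"
check_hashsize 4095 "$SAMPLE_LINE" || true
```

A usage figure that stays near 100 means new connections are at risk of being dropped when the table fills.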

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html