Public bug reported: This might be considered a duplicate of https://bugs.launchpad.net/bugs/771372 and https://bugs.launchpad.net/bugs/690433, both of which are marked as fixed (and have long histories).
I have /etc/sysctl.d/60-conntrack.conf as follows: net.netfilter.nf_conntrack_max=131072 net.netfilter.nf_conntrack_tcp_timeout_established=600 net.netfilter.nf_conntrack_sctp_timeout_established=600 With both current distros of procps from quantal and precise repositories, my overrides to netfilter conntrack defaults are NOT applied at system boot time. My syntax is correct because I can successfully apply the changes with explicit sysctl commands. I found https://bugzilla.redhat.com/show_bug.cgi?id=869779 very helpful. I have circumvented the problem on my systems by adding "service procps restart" to my (empty by default) /etc/rc.local file. It seems to me the upstart "static network up" event is still too early in the boot process and the netfilter branch of the proc tree has not yet been created. I fiddled around with the start clause of procps, waiting for specific interfaces to come up, but that made no difference. Perhaps a new event is required? However, following the discussions in the 2 bugs above, and also https://bugs.launchpad.net/bugs/50093, there seems to be something inadequate in the architecture. Surely it isn't right to be running procps later to modify some branches while it needs to be run early for others? Maybe the upstart script for procps needs to use different (and new?) upstart events to process subsets of the /etc/sysctl.d/ conf files? ** Affects: procps (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1210813 Title: procps does not set netfilter changes To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1210813/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
