freifunk/puppet-ff_gw
0
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Increase conntrack size

Browse source
This commit is contained in:
ohrensessel 2014-08-19 11:51:10 +02:00
parent e0750129f3
commit 8211257f00
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
manifests/init.pp
View file

@ -397,7 +397,8 @@ class ff_gw::radvd($own_ipv6) {
changes => [ changes => [
'set net.ipv4.ip_forward 1', 'set net.ipv4.ip_forward 1',
'set net.ipv6.conf.all.forwarding 1', 'set net.ipv6.conf.all.forwarding 1',
'set net.ipv4.icmp_errors_use_inbound_ifaddr 1' 'set net.ipv4.icmp_errors_use_inbound_ifaddr 1',
'set net.ipv4.netfilter.ip_conntrack_max 65536'
], ],
} }
~> ~>
@ -504,6 +505,7 @@ class ff_gw::iptables {
/sbin/ip route add unreachable default table 42 /sbin/ip route add unreachable default table 42
/sbin/ip rule add from all fwmark 0x1 table 42 /sbin/ip rule add from all fwmark 0x1 table 42
/sbin/ip -6 rule add from all fwmark 0x1 table 42 /sbin/ip -6 rule add from all fwmark 0x1 table 42
/bin/echo 8192 > /sys/module/nf_conntrack/parameters/hashsize
exit 0'; exit 0';
} }
~> ~>