El mar, 28 de 12 de 2004 a las 23:09, Jorge Agrelo escribiÃ: > Does anybody can help me to set or leave by default the following netfilter > variables at a Border/Firewall running kernel 2.6.9 and iptables 1.2.11 ??? > > ip_conntrack_buckets > ip_conntrack_generic_timeout > ip_conntrack_icmp_timeout > ip_conntrack_max > ip_conntrack_tcp_timeout_close > ip_conntrack_tcp_timeout_close_wait > ip_conntrack_tcp_timeout_established > ip_conntrack_tcp_timeout_fin_wait > ip_conntrack_tcp_timeout_last_ack > ip_conntrack_tcp_timeout_syn_recv > ip_conntrack_tcp_timeout_syn_sent > ip_conntrack_tcp_timeout_time_wait > ip_conntrack_udp_timeout > ip_conntrack_udp_timeout_stream > > Thanks in advance The easiest way to set this variables it's to create a script in /etc/rc.d/init.d and add it to the runlevel you are using with chkconfig or similars. You can also add some lines to /etc/rc.d/rc.local to set the variables. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac@xxxxxxxxx bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÃA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road"
