On Sun, 26 Aug 2007, Thomas Jacob wrote:
net.netfilter.nf_conntrack_max=1048576
net.netfilter.nf_conntrack_buckets=1048576
But it only does for nf_conntrack_max. I did overwrite it by going to
/sys/modules/nf_conntrack/parameters/hashsize and it did take it on the
second try. The first time it complained about file descriptors. The
second time it seemed to set it, which I verified by looking at
/proc/sys/net/netfilter/nf_conntrack_buckets.
Is there a way to set this on startup?
Oh yes sorry, you can't set it in sysctl.conf then, since the
module must probably already be loaded if you can use that. Try
the module load parameters instead (options ip_conntrack hashsize=XXXX
in /etc/modprobe.d/somefile worked in older kernels).
how can you do this if you don't use modules?
David Lang
