2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Network Development Team #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
24 conntrack_get_accounting
() {
25 sysctl_get
"net.netfilter.nf_conntrack_acct"
28 conntrack_set_accounting
() {
32 # Convert boolean values into 0 and 1.
33 if enabled value
; then
34 log INFO
"Enabling connection tracking accounting"
37 log INFO
"Disabling connection tracking accounting"
41 sysctl_set
"net.netfilter.nf_conntrack_acct" "${value}"
46 conntrack_get_max_connections
() {
47 sysctl_get
"net.netfilter.nf_conntrack_max"
50 conntrack_set_max_connections
() {
52 assert isinteger value
54 log INFO
"Conntrack: Setting max. amount of concurrent connections to ${value}"
55 sysctl_set
"net.netfilter.nf_conntrack_max" "${value}"
60 conntrack_get_udp_timeout
() {
61 sysctl_get
"net.netfilter.nf_conntrack_udp_timeout"
64 conntrack_set_udp_timeout
() {
66 assert isinteger value
68 log INFO
"Conntrack: Setting UDP timeout to ${value}s"
69 sysctl_set
"net.netfilter.nf_conntrack_udp_timeout" "${value}"