IPVS: Enable connection tracking by default
authorMichael Tremer <michael.tremer@ipfire.org>
Sun, 6 Jan 2019 21:33:43 +0000 (21:33 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Sun, 6 Jan 2019 21:33:43 +0000 (21:33 +0000)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/etc/sysctl.conf
config/rootfiles/core/127/filelists/files
config/rootfiles/core/127/update.sh

index 4066af7..dd087d2 100644 (file)
@@ -26,6 +26,9 @@ net.ipv4.conf.all.accept_redirects = 0
 net.ipv4.conf.all.accept_source_route = 0
 net.ipv4.conf.all.log_martians = 1
 
+# Enable connection tracking for IPVS
+net.ipv4.vs.conntrack = 1
+
 kernel.printk = 1 4 1 7
 vm.swappiness=1
 vm.mmap_min_addr = 4096
index d3de58f..bea3f3c 100644 (file)
@@ -9,6 +9,7 @@ etc/rc.d/init.d/unbound
 etc/rc.d/rc0.d/K77conntrackd
 etc/rc.d/rc3.d/S22conntrackd
 etc/rc.d/rc6.d/K77conntrackd
+etc/sysctl.conf
 srv/web/ipfire/cgi-bin/dnsforward.cgi
 srv/web/ipfire/cgi-bin/ids.cgi
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
index a8a206e..1b4ce29 100644 (file)
@@ -52,6 +52,9 @@ sudo -u nobody /srv/web/ipfire/cgi-bin/proxy.cgi
 /etc/init.d/unbound restart
 /etc/init.d/squid start
 
+# Reload sysctl.conf
+sysctl -p
+
 # Finish
 /etc/init.d/fireinfo start
 sendprofile