webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-26 19:00:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

sysctl: Conntrack: Disable picking up loose TCP connections

Browse Source 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2024-04-18 21:11:44 +00:00
parent 175ba983f4
commit 695c572993
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
config/etc/sysctl.conf
View File

@@ -35,6 +35,9 @@ net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.default.accept_redirects = 0
# Do not try to pick up existing TCP connections in conntrack
net.netfilter.nf_conntrack_tcp_loose = 0
# Enable netfilter accounting
net.netfilter.nf_conntrack_acct = 1