IPVS: Enable connection tracking by default

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/etc/sysctl.conf

@@ -26,6 +26,9 @@ net.ipv4.conf.all.accept_redirects = 0
 net.ipv4.conf.all.accept_source_route = 0
 net.ipv4.conf.all.log_martians = 1
 
+# Enable connection tracking for IPVS
+net.ipv4.vs.conntrack = 1
+
 kernel.printk = 1 4 1 7
 vm.swappiness=1
 vm.mmap_min_addr = 4096

config/rootfiles/core/127/filelists/files

@@ -9,6 +9,7 @@ etc/rc.d/init.d/unbound
 etc/rc.d/rc0.d/K77conntrackd
 etc/rc.d/rc3.d/S22conntrackd
 etc/rc.d/rc6.d/K77conntrackd
+etc/sysctl.conf
 srv/web/ipfire/cgi-bin/dnsforward.cgi
 srv/web/ipfire/cgi-bin/ids.cgi
 srv/web/ipfire/cgi-bin/ovpnmain.cgi

config/rootfiles/core/127/update.sh

@@ -52,6 +52,9 @@ sudo -u nobody /srv/web/ipfire/cgi-bin/proxy.cgi
 /etc/init.d/unbound restart
 /etc/init.d/squid start
 
+# Reload sysctl.conf
+sysctl -p
+
 # Finish
 /etc/init.d/fireinfo start
 sendprofile