# This is a set of SUSE-provided recommendations. To use it or make # modifications to it, copy it to /etc/conntrackd/conntrackd.conf and adjust # /etc/sysconfig/conntrackd. General { HashSize 32768 HashLimit 131072 # LogFile on Syslog on LockFile /var/run/lock/conntrackd.lock UNIX { Path /var/run/conntrackd.sock } # NetlinkBufferSize 2097152 # NetlinkBufferSizeMaxGrowth 8388608 SocketBufferSize 262142 SocketBufferSizeMaxGrown 655355 # Filter From Userspace { # Address Ignore { # IPv4_address 127.0.0.1 # loopback # IPv6_address ::1 # loopback # } # } # default SUSE systemd service unit file is of Type=notify Systemd on } Stats { LogFile on } #Helper { # # Before this, you have to make sure you have registered the `ftp' # # user-space helper stub via: # # # # nfct add helper ftp inet tcp # # # Type ftp inet tcp { # # # # Set NFQUEUE number you want to use to receive traffic from # # the kernel. # # # QueueNum 0 # # # # # Maximum number of packets waiting in the queue to receive # # a verdict from user-space. Default is 1024. # # # # Rise value if you hit the following error message: # # "nf_queue: full at X entries, dropping packets(s)" # # # QueueLen 10240 # # # # # Set the Expectation policy for this helper. This section # # is optional; if left unspecified, the defaults from the # # ctd_helper struct will be used. # # # Policy ftp { # # # # Maximum number of simultaneous expectations # # # ExpectMax 1 # # # # Maximum living time for one expectation (in seconds). # # # ExpectTimeout 300 # } # } # Type rpc inet tcp { # QueueNum 1 # QueueLen 10240 # Policy rpc { # ExpectMax 1 # ExpectTimeout 300 # } # } # Type rpc inet udp { # QueueNum 2 # QueueLen 10240 # Policy rpc { # ExpectMax 1 # ExpectTimeout 300 # } # } # Type tns inet tcp { # QueueNum 3 # QueueLen 10240 # Policy tns { # ExpectMax 1 # ExpectTimeout 300 # } # } # Type dhcpv6 inet6 udp { # QueueNum 4 # QueueLen 10240 # Policy dhcpv6 { # ExpectMax 1 # ExpectTimeout 300 # } # } # Type ssdp inet udp { # QueueNum 5 # QueueLen 10240 # Policy ssdp { # ExpectMax 8 # ExpectTimeout 300 # } # } # Type ssdp inet tcp { # QueueNum 5 # QueueLen 10240 # Policy ssdp { # ExpectMax 8 # ExpectTimeout 300 # } # } # Type mdns inet udp { # QueueNum 6 # QueueLen 10240 # Policy mdns { # ExpectMax 8 # ExpectTimeout 30 # } # } # Type slp inet udp { # QueueNum 7 # QueueLen 10240 # Policy slp { # ExpectMax 8 # ExpectTimeout 16 # } # } #}