From: "John A. Sullivan III" <jsullivan@opensourcedevel.com>
To: Chicken of the Apocalypse <satehen@btinternet.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: iptables stop/start vs restart ...
Date: Thu, 29 Sep 2005 06:34:01 -0400 [thread overview]
Message-ID: <1127990041.2685.0.camel@localhost> (raw)
In-Reply-To: <20050929095047.45779.qmail@web86503.mail.ukl.yahoo.com>
On Thu, 2005-09-29 at 10:50 +0100, Chicken of the Apocalypse wrote:
> Hi All,
>
> Simple problem, although I'm sure it's been raised before and I need to search harder!
>
> I've got a basic setup/configuration of iptables-1.2.11-3.1 running on 2.6.10-1.766_FC3smp with one change in the /etc/sysconfig/iptables-config file. I increase the hashsize using:
> /sbin/modprobe ip_conntrack hashsize=32767.
>
> If I run service iptables stop/start and then cat /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets the value is 32767. If I run service iptables restart the value in the file goes back to default. I've noticed the same in a power failure scenario where the machine lost power and on reboot didn't change the hashsize.
> I've had a quick look through /etc/init.d/tideway and as far as I can tell a restart just runs a stop and start. I'm assuming some sort of save/restore flag is or isn't set and this is causing the problem during a restart or power cut.
>
> I need to ensure that the correct hashsize is always set. Any have any ideas?
>
> Thanks
Can you use the options parameter in modprobe.conf rather than
specifying the option on the command line? - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@opensourcedevel.com
If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net
next prev parent reply other threads:[~2005-09-29 10:34 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-29 9:50 iptables stop/start vs restart Chicken of the Apocalypse
2005-09-29 10:34 ` John A. Sullivan III [this message]
2005-09-29 10:48 ` Chicken of the Apocalypse
2005-09-29 13:02 ` John A. Sullivan III
2005-09-29 15:54 ` Chicken of the Apocalypse
2005-09-29 12:16 ` Sai Kiran
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1127990041.2685.0.camel@localhost \
--to=jsullivan@opensourcedevel.com \
--cc=netfilter@lists.netfilter.org \
--cc=satehen@btinternet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.