|
|
@@ -33,24 +33,6 @@ nf_conntrack_events - BOOLEAN
|
|
|
If this option is enabled, the connection tracking code will
|
|
|
provide userspace with connection tracking events via ctnetlink.
|
|
|
|
|
|
-nf_conntrack_events_retry_timeout - INTEGER (seconds)
|
|
|
- default 15
|
|
|
-
|
|
|
- This option is only relevant when "reliable connection tracking
|
|
|
- events" are used. Normally, ctnetlink is "lossy", that is,
|
|
|
- events are normally dropped when userspace listeners can't keep up.
|
|
|
-
|
|
|
- Userspace can request "reliable event mode". When this mode is
|
|
|
- active, the conntrack will only be destroyed after the event was
|
|
|
- delivered. If event delivery fails, the kernel periodically
|
|
|
- re-tries to send the event to userspace.
|
|
|
-
|
|
|
- This is the maximum interval the kernel should use when re-trying
|
|
|
- to deliver the destroy event.
|
|
|
-
|
|
|
- A higher number means there will be fewer delivery retries and it
|
|
|
- will take longer for a backlog to be processed.
|
|
|
-
|
|
|
nf_conntrack_expect_max - INTEGER
|
|
|
Maximum size of expectation table. Default value is
|
|
|
nf_conntrack_buckets / 256. Minimum is 1.
|
Nicolas Dichtel