LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
Reload this Page What does these option do for netfilter?
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 05-14-2009, 10:55 PM   #1
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Rep: Reputation: 30
What does these option do for netfilter?

Quote:
# echo 1 > /proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal

# echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
Recently I need to troubleshoot a debian based router (Vyatta) and these options were required to allow sending of mails with attachment successfully to a specific recipient.

It works for all other recipients by default (without the options)

what are they for?
How do I make it persistent?

Thanks!
 
Old 05-15-2009, 01:12 AM   #2
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,083

Rep: Reputation: 405Reputation: 405Reputation: 405Reputation: 405Reputation: 405
If you have your kernel sources installed, you can find complete documentation for this at Documentation/networking/ip-sysctl.txt

If you don't, just google for 'Documentation/networking/ip-sysctl.txt' and you should be able to find it.
 
Old 05-15-2009, 01:33 AM   #3
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,359

Rep: Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751
Just FYI, in CENTOS you edit /etc/sysctl.conf. I'd guess its something similar for you.
 
Old 05-15-2009, 03:03 AM   #4
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
hmm.. i guess this vyatta is a striped down version (lenny/sid)..
tried google for the keywords you mentioned, but i don't see the 2 modules i am looking at hmm

google always return not found if i became too specific

how do one make such changes persistent in debian? is it the same /etc/sysctl.conf?
I see the same file
 
Old 05-15-2009, 03:13 AM   #5
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,083

Rep: Reputation: 405Reputation: 405Reputation: 405Reputation: 405Reputation: 405
I guess yep.

Values are stored in this fashion on that file.

Code:
value.for.this_keyword = <value>
 
Old 05-15-2009, 05:53 AM   #6
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
but for the 2 fields i am looking at, anyone can explain what are they for?

just curious how toggling it can solve my problem.
 
Old 05-15-2009, 06:03 AM   #7
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,083

Rep: Reputation: 405Reputation: 405Reputation: 405Reputation: 405Reputation: 405
No idea, for my version of the kernel at least they are not in the docs.
 
Old 06-14-2009, 04:39 PM   #8
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 234Reputation: 234Reputation: 234
No idea either. Googling indicates that the definitions should be in a file named ip-sysctl.txt. None of the ones I tracked down mentioned, let alone defined,
/proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal or
/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal

http://www.kernel.org/doc/Documentat.../ip-sysctl.txt is one of the longer (more complete?) that I found.
Last edited by archtoad6; 07-28-2009 at 08:34 AM. Reason: add missing comma
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Where is the screensaver option, and where is the sound option? Cinematography SUSE / openSUSE 1 06-20-2008 05:30 PM
Netfilter Help rajaashok Linux - Kernel 1 11-22-2007 12:41 AM
Netfilter and 2.6.16.2 krizzz Slackware 8 04-13-2006 10:17 PM
rpm have --nodeps option with dpkg is such an option available deepclutch Debian 2 03-26-2006 09:49 PM
Netfilter hooks mousars Programming 2 03-16-2006 12:22 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 02:41 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration