# cat /proc/sys/net/netfilter/nf_conntrack_max
65536
# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
vm.overcommit_memory = 2
vm.overcommit_ratio = 80
net.netfilter.nf_conntrack_max = 524288
# cat /proc/sys/net/netfilter/nf_conntrack_max
524288
[root@rhel6-5 ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
# cat /proc/sys/net/netfilter/nf_conntrack_max
65536
Solution: not yet
Không có nhận xét nào:
Đăng nhận xét