Attachment #120318 for bug #179792

View | Details | Raw Unified | Return to bug 179792
Collapse All | Expand All




    
   fprintf (script, "\n# --------( Sysctl Tuning - IPTables Specific Parameters )--------\n\n");
   
	fprintf (script, "# Doubling current limit for nf_conntrack\n");
	fprintf (script, "if [ -e /proc/sys/net/ipv4/nf_conntrack_max ]; then\n"
	"  echo 16384 > /proc/sys/net/ipv4/nf_conntrack_max\nfi\n\n");

	fclose (script);
}

	fprintf (script, "$MPB ip_tables 2> /dev/null\n");
	fprintf (script, "$MPB iptable_filter 2> /dev/null\n");
	fprintf (script, "$MPB ipt_state 2> /dev/null\n");		
	fprintf (script, "$MPB nf_conntrack 2> /dev/null\n");
	fprintf (script, "$MPB nf_conntrack_ftp 2> /dev/null\n");
	fprintf (script, "$MPB nf_conntrack_irc 2> /dev/null\n");
	fprintf (script, "$MPB ipt_REJECT 2> /dev/null\n");
	/* fprintf (script, "$MPB ipt_REDIRECT 2> /dev/null\n"); */
	fprintf (script, "$MPB ipt_TOS 2> /dev/null\n");

Lines 32-38 Link Here

(-)firestarter-1.0.3.orig/src/statusview.c (-1 / +1 lines)
32		32
33	#define DEV_FILE "/proc/net/dev"	33	#define DEV_FILE "/proc/net/dev"
34	#define TCP_FILE "/proc/net/tcp"	34	#define TCP_FILE "/proc/net/tcp"
35	#define CONNTRACK_FILE "/proc/net/ip_conntrack"	35	#define CONNTRACK_FILE "/proc/net/nf_conntrack"
36	#define CONNTRACK_TTL 10 /* Number of refresh cycles a non-established connection is kept in the GUI */	36	#define CONNTRACK_TTL 10 /* Number of refresh cycles a non-established connection is kept in the GUI */
37	#define REFRESH_RATE 1 /* Time in seconds between updates */	37	#define REFRESH_RATE 1 /* Time in seconds between updates */
38	#define HISTORY_LENGTH 5 /* Number of samples to use when averaging the traffic rate */	38	#define HISTORY_LENGTH 5 /* Number of samples to use when averaging the traffic rate */

Return to bug 179792

Lines 336-344 Link Here

(-)firestarter-1.0.3.orig/src/netfilter-script.c (-6 / +6 lines)
336		336
337	fprintf (script, "\n# --------( Sysctl Tuning - IPTables Specific Parameters )--------\n\n");	337	fprintf (script, "\n# --------( Sysctl Tuning - IPTables Specific Parameters )--------\n\n");
338		338
339	fprintf (script, "# Doubling current limit for ip_conntrack\n");	339	fprintf (script, "# Doubling current limit for nf_conntrack\n");
340	fprintf (script, "if [ -e /proc/sys/net/ipv4/ip_conntrack_max ]; then\n"	340	fprintf (script, "if [ -e /proc/sys/net/ipv4/nf_conntrack_max ]; then\n"
341	" echo 16384 > /proc/sys/net/ipv4/ip_conntrack_max\nfi\n\n");	341	" echo 16384 > /proc/sys/net/ipv4/nf_conntrack_max\nfi\n\n");
342		342
343	fclose (script);	343	fclose (script);
344	}	344	}
Lines 389-397 Link Here
389	fprintf (script, "$MPB ip_tables 2> /dev/null\n");	389	fprintf (script, "$MPB ip_tables 2> /dev/null\n");
390	fprintf (script, "$MPB iptable_filter 2> /dev/null\n");	390	fprintf (script, "$MPB iptable_filter 2> /dev/null\n");
391	fprintf (script, "$MPB ipt_state 2> /dev/null\n");	391	fprintf (script, "$MPB ipt_state 2> /dev/null\n");
392	fprintf (script, "$MPB ip_conntrack 2> /dev/null\n");	392	fprintf (script, "$MPB nf_conntrack 2> /dev/null\n");
393	fprintf (script, "$MPB ip_conntrack_ftp 2> /dev/null\n");	393	fprintf (script, "$MPB nf_conntrack_ftp 2> /dev/null\n");
394	fprintf (script, "$MPB ip_conntrack_irc 2> /dev/null\n");	394	fprintf (script, "$MPB nf_conntrack_irc 2> /dev/null\n");
395	fprintf (script, "$MPB ipt_REJECT 2> /dev/null\n");	395	fprintf (script, "$MPB ipt_REJECT 2> /dev/null\n");
396	/* fprintf (script, "$MPB ipt_REDIRECT 2> /dev/null\n"); */	396	/* fprintf (script, "$MPB ipt_REDIRECT 2> /dev/null\n"); */
397	fprintf (script, "$MPB ipt_TOS 2> /dev/null\n");	397	fprintf (script, "$MPB ipt_TOS 2> /dev/null\n");