SOURCES: conntrack-tools.conf (NEW), conntrack-tools.init (NEW), c...
areq
areq at pld-linux.org
Sun Jun 17 20:48:42 CEST 2007
Author: areq Date: Sun Jun 17 18:48:42 2007 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- init script + configuration
---- Files affected:
SOURCES:
conntrack-tools.conf (NONE -> 1.1) (NEW), conntrack-tools.init (NONE -> 1.1) (NEW), conntrack-tools.sysconfig (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/conntrack-tools.conf
diff -u /dev/null SOURCES/conntrack-tools.conf:1.1
--- /dev/null Sun Jun 17 20:48:42 2007
+++ SOURCES/conntrack-tools.conf Sun Jun 17 20:48:37 2007
@@ -0,0 +1,69 @@
+#
+# General settings
+#
+General {
+ #
+ # Number of buckets in the caches: hash table
+ #
+ HashSize 8192
+
+ #
+ # Maximum number of conntracks:
+ # it must be >= $ cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
+ #
+ HashLimit 65535
+
+ #
+ # Logfile
+ #
+ LogFile /var/log/conntrackd.log
+
+ #
+ # Lockfile
+ #
+ LockFile /var/lock/conntrack.lock
+
+ #
+ # Unix socket configuration
+ #
+ UNIX {
+ Path /tmp/sync.sock
+ Backlog 20
+ }
+
+ #
+ # Netlink socket buffer size
+ #
+ SocketBufferSize 262142
+
+ #
+ # Increase the socket buffer up to maximun if required
+ #
+ SocketBufferSizeMaxGrown 655355
+}
+
+#
+# Ignore traffic for a certain set of IP's: Usually
+# all the IP assigned to the firewall since local
+# traffic must be ignored, just forwarded connections
+# are worth to replicate
+#
+IgnoreTrafficFor {
+ IPv4_address 127.0.0.1 # loopback
+}
+
+#
+# Do not replicate certain protocol traffic
+#
+IgnoreProtocol {
+ UDP
+# ICMP
+# IGMP
+# VRRP
+ # numeric numbers also valid
+}
+
+#
+# Strip NAT traffic
+#
+StripNAT
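Review bot: The daemon's control socket is placed in a world-writable directory by `Path /tmp/sync.sock` in the UNIX block. Any local user can create that name before the daemon starts, which at minimum can keep it from binding; depending on how conntrackd creates and permissions the socket (not visible here), it may also leave the control interface reachable by unprivileged users. A root-owned location avoids both, for example `Path /var/run/conntrackd.sock` (example path, adjust to the package layout). Separately, `SocketBufferSizeMaxGrown 655355` looks like a mistyped value and the comment above it reads "maximun"; both are worth confirming against the upstream sample config.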
================================================================
Index: SOURCES/conntrack-tools.init
diff -u /dev/null SOURCES/conntrack-tools.init:1.1
--- /dev/null Sun Jun 17 20:48:42 2007
+++ SOURCES/conntrack-tools.init Sun Jun 17 20:48:37 2007
@@ -0,0 +1,90 @@
+#!/bin/sh
+#
+# conntrackd The userspace connection tracking table administration program
+#
+# chkconfig: 345 11 89
+#
+# description: The userspace connection tracking table administration program
+#
+# $Id$
+
+# Source function library
+. /etc/rc.d/init.d/functions
+
+# Get network config
+. /etc/sysconfig/network
+
+[ -f /etc/sysconfig/conntrackd ] && . /etc/sysconfig/conntrackd
+
+# Check that networking is up.
+if is_yes "${NETWORKING}"; then
+ if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status ]; then
+ msg_network_down conntrackd
+ exit 1
+ fi
+else
+ exit 0
+fi
+
+start() {
+ # Check if the service is already running?
+ if [ ! -f /var/lock/subsys/conntrackd ]; then
+ msg_starting conntrackd
+ daemon conntrackd $CONNTRACKD_OPTS
+ RETVAL=$?
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/conntrackd
+ else
+ msg_already_running conntrackd
+ fi
+}
+
+stop() {
+ if [ -f /var/lock/subsys/conntrackd ]; then
+ # Stop daemons.
+ msg_stopping conntrackd
+ killproc conntrackd
+ rm -f /var/lock/subsys/conntrackd
+ else
+ msg_not_running conntrackd
+ fi
+}
+
+reload() {
+ if [ -f /var/lock/subsys/conntrackd ]; then
+ msg_reloading conntrackd
+ killproc conntrackd -HUP
+ RETVAL=$?
+ else
+ msg_not_running conntrackd
+ RETVAL=7
+ fi
+}
+
+RETVAL=0
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ start
+ ;;
+ reload)
+ reload
+ ;;
+ force-reload)
+ reload
+ ;;
+ status)
+ status conntrackd
+ RETVAL=$?
+ ;;
+ *)
+ msg_usage "$0 {start|stop|restart|reload|force-reload|status}"
+ exit 3
+esac
+
+exit $RETVAL
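Review bot: reload() sends SIGHUP with `killproc conntrackd -HUP`, but nothing on this page shows that conntrackd re-reads its configuration on that signal. If the daemon installs no SIGHUP handler, the default action terminates it while /var/lock/subsys/conntrackd stays in place, so the service would be down and a later `start` would still report it as already running. Confirm the daemon's signal handling, and otherwise implement reload and force-reload as `stop` followed by `start`. Separately, stop() never records the result of killproc, so a failed stop still exits 0; adding `RETVAL=$?` directly after `killproc conntrackd` would report it.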
================================================================
Index: SOURCES/conntrack-tools.sysconfig
diff -u /dev/null SOURCES/conntrack-tools.sysconfig:1.1
--- /dev/null Sun Jun 17 20:48:42 2007
+++ SOURCES/conntrack-tools.sysconfig Sun Jun 17 20:48:37 2007
@@ -0,0 +1,6 @@
+# Config file for conntrack-tools startup
+
+CONNTRACKD_OPTS="-S -d"
+
+# This must be last line !
+# vi:syntax=sh
================================================================