Differences

This shows you the differences between two versions of the page.

--- advanced-ctnf [2024/10/06 21:28] – [Miscellaneous] -Condense hogwild
+++ advanced-ctnf [2024/11/27 00:29] (current) – [Miscellaneous] hogwild
@@ Line 1: / Line 1: @@
 ====== Conntrack / Netfilter ======
-Settings in this menu let you control some advanced network parameters. In most cases, the default settings are fine. Think carefully before changing the settings from defaults. You should only change these settings if you have advanced networking knowledge.
+Settings here let you control some advanced network parameters. In most cases, default settings are fine. Think carefully before changing the settings from defaults. You should only change these settings if you have advanced networking knowledge.
@@ Line 8: / Line 8: @@
 The Connections section contains some limited conntrack configuration settings. //Conntrack //is a Linux utility that provides an interface to the //netfilter //connection tracking system. It tracks connections, and is used to know how the packets that pass through the system are related to their connections.
-Generally, conntrack is used to search, list, inspect and maintain the Linux kernel's connection tracking. Conntrack does NOT manipulate packets, and works independently of NAT functions.\\   \\   \\ **Maximum Connections**: The maximum number of sessions handled by the router: ("/proc/sys/net/ipv4/netfilter/ip_conntrack_max").
+Generally, conntrack is used to search, list, inspect and maintain the Linux kernel's connection tracking. Conntrack does NOT manipulate packets, and works independently of NAT functions.\\   \\   \\ **Maximum Connections**: the maximum number of sessions handled by the router.
+("/proc/sys/net/ipv4/netfilter/ip_conntrack_max").
 Clicking the [// Count current ... //] link displays a real-time view of the current demand for connections.
@@ Line 14: / Line 16: @@
  \\
-**Hash Table Size**: This parameter lets you tweak the following kernel attribute: "/proc/sys/net/ipv4/netfilter/ip_conntrack_buckets"
+**Hash Table Size**: this lets you tweak the kernel attribute: "/proc/sys/net/ipv4/netfilter/ip_conntrack_buckets"
  \\
@@ Line 52: / Line 54: @@
 Some protocols are well-known for being poorly designed to work with NAT. Some workarounds (Helpers) have been developed to allow these protocols to operate in a NAT environment. Enabling the option will enable the corresponding helper procedure.
-Be advised that on networks where VoIP is in use, the use of the SIP helper is //not// recommended. While this may seem counterintuitive, real world experience shows that the SIP Helper often makes VoIP function work worse, not better.
+Be advised that on networks where VoIP is in use, the use of the SIP helper is //not// recommended. While it may seem counterintuitive, the SIP Helper often makes VoIP function worse, not better. You are advised not to use it.
  \\
@@ Line 61: / Line 63: @@
 ===== Miscellaneous =====
-**TCP/UDP Buffers**: This defines the number of TCP/UDP buffers allowed (to/from the router). This setting needs to be tweaked carefully. A large buffer will facilitate higher throughput, but too large a buffer might create //bufferbloat. //Bloated buffers lead to network-crippling latency spikes.
+**TCP/UDP Buffers**: defines the number of TCP/UDP buffers allowed (to/from the router).
+This needs to be tweaked carefully. A large buffer will facilitate higher throughput, but if too large, might create //bufferbloat. //Bloated buffers lead to network-crippling latency spikes.
  \\
-**TTL Adjust**: This option increases or decreases the packet Time-To-Live value crossing the router.
+**TTL Adjust**: lets you increase or decrease the packet Time-To-Live value crossing the router.
  \\
-**Inbound Layer 7**: This enables inbound Layer 7 traffic matching, caches the results, and marks the traffic outbound.
+**Inbound Layer 7**: enables inbound Layer 7 traffic matching, caches the results, and marks the traffic outbound.
  \\

FreshTomato Wiki

User Tools

Site Tools

Differences

Page Tools