This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
advanced-ctnf [2022/01/11 01:11] – [Tracking/NAT Helpers]-formatting hogwild | advanced-ctnf [2023/05/24 22:02] (current) – [Miscellaneous] -formatting hogwild | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Conntrack / Netfilter ====== | ====== Conntrack / Netfilter ====== | ||
- | The settings | + | |
+ | The settings | ||
===== Connections ===== | ===== Connections ===== | ||
- | The Connections menu contains some limited conntrack configuration settings. //Conntrack //is a Linux utility that provides an interface to the //netfilter // | + | |
- | \\ | + | The Connections menu contains some limited conntrack configuration settings. //Conntrack //is a Linux utility that provides an interface to the //netfilter // |
- | \\ | + | |
- | \\ | + | In general, conntrack can be used to search, list, inspect and maintain the Linux kernel' |
- | **Maximum Connections**: | + | |
Clicking on the [// Count current ... //] link gives you a real-time view of the current demand for oconnections. | Clicking on the [// Count current ... //] link gives you a real-time view of the current demand for oconnections. | ||
**Hash Table Size**: This parameter allows you to tweak the following kernel attribute: /'' | **Hash Table Size**: This parameter allows you to tweak the following kernel attribute: /'' | ||
+ | |||
+ | \\ | ||
{{: | {{: | ||
+ | |||
===== TCP Timeout ===== | ===== TCP Timeout ===== | ||
- | The TCP Timeout table allows you to define some critical TCP parameters, | + | The TCP Timeout table allows you to define some critical TCP parameters, |
+ | |||
+ | \\ | ||
{{: | {{: | ||
+ | |||
===== UDP Timeout ===== | ===== UDP Timeout ===== | ||
The UDP Timeout table defines the timeouts of UDP packets to and from the router. | The UDP Timeout table defines the timeouts of UDP packets to and from the router. | ||
+ | |||
+ | \\ | ||
{{: | {{: | ||
+ | |||
===== Other Timeouts ===== | ===== Other Timeouts ===== | ||
Other Timeouts allows further adjustments to the router' | Other Timeouts allows further adjustments to the router' | ||
+ | |||
+ | \\ | ||
{{: | {{: | ||
- | ===== Tracking/ | ||
- | Some protocols are well-known for not being designed to work well with NAT. Some workarounds (Helpers) have been developed to allow these protocols to operate in a NAT environment. Enabling the option will enable the helper procedure. Be advised that on networks where VoIP is in use, the use of the SIP helper is not recommended. While this many seem counterintuitive, | + | ===== Tracking/ |
+ | |||
+ | Some protocols are well-known for being poorly | ||
+ | |||
+ | Be advised that on networks where VoIP is in use, the use of the SIP helper is //not// recommended. While this may seem counterintuitive, | ||
+ | |||
+ | \\ | ||
{{: | {{: | ||
- | ===== Miscellaneous | ||
- | TCP/UDP Buffers: | + | ===== Miscellaneous ===== |
+ | |||
+ | **TCP/UDP Buffers**: This setting defines | ||
+ | |||
+ | **TTL Adjust**: This option | ||
+ | |||
+ | **Inbound Layer 7**: This enables | ||
+ | |||
+ | \\ | ||
+ | |||
+ | {{: | ||
+ | |||
+ | \\ | ||
- | {{: | + | \\ \\ |