Errors when tuning firewall kernel parameters

When tuning the kernel on CentOS 6.4, running sysctl -p produces the following errors:

error: "net.ipv4.ip_conntrack_max" is an unknown key

error: "net.ipv4.netfilter.ip_conntrack_max" is an unknown key

error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established" is an unknown key

error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait" is an unknown key

error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait" is an unknown key

error: "net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait" is an unknown key


Solution: replace the old ip_conntrack keys with their nf_conntrack equivalents:

net.nf_conntrack_max = 25000000

net.netfilter.nf_conntrack_max = 25000000

net.netfilter.nf_conntrack_tcp_timeout_established = 180

net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120

net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60

net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120



error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key

Solution: load the bridge module, then confirm it is loaded:

modprobe bridge

lsmod|grep bridge
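
The shell functions below are an added example, not part of the original post. migrate_conntrack_keys rewrites the old ip_conntrack key names to the nf_conntrack names shown above, and unknown_keys lists the keys in a config file that have no entry under /proc/sys, which are the ones sysctl -p reports as unknown. The function names, the sample file and the optional proc-root argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; names and sample data are illustrative, not from the post.

# Constructed sample: a legacy sysctl.conf fragment using the old key names.
sample_conf() {
    cat <<'EOF'
# conntrack tuning (constructed sample)
net.ipv4.ip_conntrack_max = 25000000
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180
net.bridge.bridge-nf-call-iptables = 0
EOF
}

# Rewrite legacy ip_conntrack keys (stdin) to nf_conntrack names (stdout).
# Values, comments and unrelated keys pass through unchanged.
migrate_conntrack_keys() {
    sed \
        -e 's/^\([[:space:]]*\)net\.ipv4\.ip_conntrack_max\([[:space:]]*=\)/\1net.nf_conntrack_max\2/' \
        -e 's/^\([[:space:]]*\)net\.ipv4\.netfilter\.ip_conntrack_/\1net.netfilter.nf_conntrack_/'
}

# Print each key in config file $1 that has no entry under proc root $2
# (default /proc/sys). These are the keys sysctl -p would reject.
unknown_keys() {
    conf=$1
    root=${2:-/proc/sys}
    # Drop comment lines and lines without '=', then keep only the key name.
    sed -e '/^[[:space:]]*[#;]/d' -e '/=/!d' \
        -e 's/[[:space:]]*=.*$//' -e 's/^[[:space:]]*//' "$conf" |
    while IFS= read -r key; do
        # sysctl maps the dots of a key to slashes below /proc/sys
        path=$root/$(printf '%s' "$key" | tr . /)
        [ -e "$path" ] || printf '%s\n' "$key"
    done
}

# Typical use on a host (run as root, review the result before installing it):
#   migrate_conntrack_keys < /etc/sysctl.conf > /tmp/sysctl.conf.new
#   unknown_keys /tmp/sysctl.conf.new
```

If unknown_keys still prints net.bridge.* keys after the migration, the bridge module is not loaded, which is the second case described above.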