Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2024-12-22 13:45:02 -05:00
Code Issues Packages Projects Releases Wiki Activity

reduce conntrack UDP timeouts

Browse Source 
This only applies to outbound NTP requests since we use notrack for our
UDP services and DNS-over-TLS for our local resolver. We'd have no need
for longer timeouts even if that wasn't the case.
This commit is contained in:
Daniel Micay 2024-04-30 12:13:02 -04:00
parent 6dbc014f4b
commit f9425e3ebd
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sysctl.d/local.conf
View File

@ -37,6 +37,8 @@ net.mptcp.enabled = 0
net.netfilter.nf_conntrack_tcp_loose = 0
net.netfilter.nf_conntrack_tcp_timeout_established = 14400
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 60
net.netfilter.nf_conntrack_udp_timeout = 15
net.netfilter.nf_conntrack_udp_timeout_stream = 15
net.netfilter.nf_conntrack_expect_max = 1
kernel.yama.ptrace_scope = 2