Fixing error:
"net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv" is an
unknown key on Debian Linux
If you're trying to tune up your:
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 30
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 30
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 30
net.ipv4.netfilter.ip_conntrack_max = 1048576
in
/etc/sysctl.conf and you come across the error
messages;
"net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv" is an
unknown key
"net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait" is an
unknown key
"net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait" is an
unknown key
"net.ipv4.netfilter.ip_conntrack_max" is an unknown
key
whether you're executing:
debian:~# sysctl -p
in order to make the net.ipv4.netfilter.* values to be set as a
kernel values to iptables, you need to modify your
/etc/modules file and add the
nf_conntrack_ftp in it,
here is how:
echo 'nf_conntrack_ftp' >>
/etc/modules
Now to make the new settings be reloaded issue the command:
debian:~# sysctl -p
Now the values will be properly set and you will see no longer the
is an unknown key error messages like so:
net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv =
30
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 30
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 30
net.ipv4.netfilter.ip_conntrack_max = 1048576