path: root/doc/sync/notrack
diff options
authorPablo Neira Ayuso <>2009-01-17 18:03:53 +0100
committerPablo Neira Ayuso <>2009-01-17 18:03:53 +0100
commit746f7031f4d1e3bccdd6db3c53835d8b85b73c90 (patch)
treea900ab9f0654dd67ae36f2c61ca4cdc3c2c7befe /doc/sync/notrack
parent05194422ee8fa038d99fe77a2e9d776d25623fd2 (diff)
src: add state polling support (oppossed to current event-driven)
This patch adds the clause PollSecs that changes the normal behaviour of conntrackd. With PollSecs set to > 0, conntrackd polls every N seconds the entries. This is the opposed behaviour of an event-driven behaviour but may be useful for those that have really strong limitations in terms of CPU consumption and want to perform a relaxed replication. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'doc/sync/notrack')
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/sync/notrack/conntrackd.conf b/doc/sync/notrack/conntrackd.conf
index 7f8c8a3..5abf589 100644
--- a/doc/sync/notrack/conntrackd.conf
+++ b/doc/sync/notrack/conntrackd.conf
@@ -173,6 +173,18 @@ General {
SocketBufferSizeMaxGrowth 8388608
+ #
+ # By default, the daemon receives state updates following an
+ # event-driven model. You can modify this behaviour by switching to
+ # polling mode with the PollSecs clause. This clause tells conntrackd
+ # to dump the states in the kernel every N seconds. With regards to
+ # synchronization mode, the polling mode can only guarantee that
+ # long-lifetime states are recovered. The main advantage of this method
+ # is the reduction in the state replication at the cost of reducing the
+ # chances of recovering connections.
+ #
+ # PollSecs 15
# The daemon prioritizes the handling of state-change events coming
# from the core. With this clause, you can set the maximum number of