#
# Helper settings
#

Helper {
	# Before this, you have to make sure you have registered the `ftp'
	# user-space helper stub via:
	#
	# nfct helper add ftp inet tcp
	#
	Type ftp inet tcp {
		#
		# Set NFQUEUE number you want to use to receive traffic from
		# the kernel.
		#
		QueueNum 0
		#
		# Set the Expectation policy for this helper.
		#
		Policy ftp {
			#
			# Maximum number of simultaneous expectations
			#
			ExpectMax 1
			#
			# Maximum living time for one expectation (in seconds).
			#
			ExpectTimeout 300
		}
	}
	Type rpc inet tcp {
		QueueNum 1
		Policy rpc {
			ExpectMax 1
			ExpectTimeout 300
		}
	}
	Type rpc inet udp {
		QueueNum 2
		Policy rpc {
			ExpectMax 1
			ExpectTimeout 300
		}
	}
	Type tns inet tcp {
		QueueNum 3
		Policy tns {
			ExpectMax 1
			ExpectTimeout 300
		}
	}
}

#
# General settings
#
General {
	#
	# Set the nice value of the daemon, this value goes from -20
	# (most favorable scheduling) to 19 (least favorable). Using a
	# very low value reduces the chances to lose state-change events.
	# Default is 0 but this example file sets it to most favourable
	# scheduling as this is generally a good idea. See man nice(1) for
	# more information.
	#
	Nice -20

	#
	# Select a different scheduler for the daemon, you can select between
	# RR and FIFO and the process priority (minimum is 0, maximum is 99).
	# See man sched_setscheduler(2) for more information. Using a RT
	# scheduler reduces the chances to overrun the Netlink buffer.
	#
	# Scheduler {
	#	Type FIFO
	#	Priority 99
	# }

	#
	# Logfile: on (/var/log/conntrackd.log), off, or a filename
	# Default: off
	#
	LogFile on

	#
	# Syslog: on, off or a facility name (daemon (default) or local0..7)
	# Default: off
	#
	#Syslog on

	#
	# Lockfile
	#
	LockFile /var/lock/conntrack.lock

	#
	# Unix socket configuration
	#
	UNIX {
		Path /var/run/conntrackd.ctl
		Backlog 20
	}
}