path: root/doc/stats/conntrackd.conf
diff options
authorPablo Neira Ayuso <>2009-01-17 18:03:53 +0100
committerPablo Neira Ayuso <>2009-01-17 18:03:53 +0100
commit746f7031f4d1e3bccdd6db3c53835d8b85b73c90 (patch)
treea900ab9f0654dd67ae36f2c61ca4cdc3c2c7befe /doc/stats/conntrackd.conf
parent05194422ee8fa038d99fe77a2e9d776d25623fd2 (diff)
src: add state polling support (oppossed to current event-driven)
This patch adds the clause PollSecs that changes the normal behaviour of conntrackd. With PollSecs set to > 0, conntrackd polls every N seconds the entries. This is the opposed behaviour of an event-driven behaviour but may be useful for those that have really strong limitations in terms of CPU consumption and want to perform a relaxed replication. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'doc/stats/conntrackd.conf')
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/stats/conntrackd.conf b/doc/stats/conntrackd.conf
index 1fc21af..889d387 100644
--- a/doc/stats/conntrackd.conf
+++ b/doc/stats/conntrackd.conf
@@ -91,6 +91,18 @@ Stats {
LogFile on
+ #
+ # By default, the daemon receives state updates following an
+ # event-driven model. You can modify this behaviour by switching to
+ # polling mode with the PollSecs clause. This clause tells conntrackd
+ # to dump the states in the kernel every N seconds. With regards to
+ # synchronization mode, the polling mode can only guarantee that
+ # long-lifetime states are recovered. The main advantage of this method
+ # is the reduction in the state replication at the cost of reducing the
+ # chances of recovering connections.
+ #
+ # PollSecs 15
# Enable connection logging via Syslog. Default is off.
# Syslog: on, off or a facility name (daemon (default) or local0..7)