X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=example%2Fhost.fw;fp=example%2Fhost.fw;h=1bf6d86578ab2dc5a6eeecaeb8190e3393d7fdd3;hp=4d861078d8c6f8b2f6ddb69a668d7cae08a5226b;hb=28c082a187a76def02b212cbc1b6c8b48159d58b;hpb=0365eb68439db796282603ef5d27cab82a07f3cd

diff --git a/example/host.fw b/example/host.fw
index 4d86107..1bf6d86 100644
--- a/example/host.fw
+++ b/example/host.fw
@@ -15,6 +15,9 @@ policy_out: ACCEPT
 # allow more connections (default is 65536)
 nf_conntrack_max: 196608
 
+# reduce conntrack established timeout (default is 432000 - 5days)
+nf_conntrack_tcp_timeout_established: 7875
+
 # Enable firewall when bridges contains IP address.
 # The firewall is not fully functional in that case, so
 # you need to enable that explicitly