SL9.1 and SLES9 Extreme use of our webservers during online application season requires we set the /proc/sys/net/ipv4/ip_conntrack_max very high (= 65536). I tried to make this setting persistant between reboots by means of /etc/sysctl.conf and boot.sysctl init script. But each reboot left ip_conntrack_max = 16384. After much hair-pulling, I finally discoverd the script /sbin/SuSEfirewall2 contains the line: echo 16384 > /proc/sys/net/ipv4/ip_conntrack_max It think this is bad bad bad. Perhaps this should be a variable controlled by yast or some file in /etc/sysconfig. But this should not be hard-coded into the script. I don't see this in SL9.3 or SLES10. I have altered this line in /sbin/SuSEfirewall2 to get the ip_conntrack_max value I need, but what will happen after next update to SuSEfirewall2 rpm? I realize SL9.1 is out of maintenace, so this is essencially a SLES9 issue. If you think it best, I will contact SLES support instead and let this list rest. -- -ashley Did you try poking at it with a stick?