From f81e146f6c98f33f76a529f26c4519ec6f74c36d Mon Sep 17 00:00:00 2001
From: Niklas Yann Wettengel <niyawe@niyawe.de>
Date: Thu, 12 Apr 2018 17:11:58 +0200
Subject: [PATCH] set net.netfilter.nf_conntrack_tcp_timeout_established later

---
 roles/configure_sysctl/files/ff.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/configure_sysctl/files/ff.conf b/roles/configure_sysctl/files/ff.conf
index c1a583a..7987e88 100644
--- a/roles/configure_sysctl/files/ff.conf
+++ b/roles/configure_sysctl/files/ff.conf
@@ -18,9 +18,9 @@ net.ipv6.neigh.default.gc_interval=3600
 net.ipv6.neigh.default.gc_stale_time=3600
 
 # decrease nf_conntrack_tcp_timeout_established - default=432000
-net.netfilter.nf_conntrack_tcp_timeout_established=86400
 net.netfilter.nf_conntrack_max=1048576
 net.netfilter.nf_conntrack_buckets=131072
+net.netfilter.nf_conntrack_tcp_timeout_established=86400
 
 # reboot after kernel panic
 kernel.panic=1