I currently use APF for a firewall solution on a very busy server.

After some time I start getting the following error in messages:

Apr 4 08:24:08 XXXXXXX kernel: ip_conntrack: table full, dropping packet.

I searched Google and from what I understand this file is used to limit the amount of IP connections to the server.

To remedy this issue I simply increase the amount of connections allowed by running:

echo "220000" > /proc/sys/net/ipv4/ip_conntrack_max

This works fine for a while but after an undetermined amount of time it seems to "reset" itself to the lower number.

I poked around the /etc/apf directory and found an entry in sysctl.rules:

if [ "$SYSCTL_CONNTRACK" == "" ]; then

I was thinking that apf maybe refreshes after so long so I changed the number to the one listed above.
The server was unresponsive in the morning and to fix it I had to increase the value of ip_conntrack_max again. (It was reset back to the default value.)

Any ideas how I can remedy this on a permanent basis?

Thanks in advance.
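Added example (not from the original post, and not APF's own code): two POSIX sh helpers, one that reports how full the conntrack table is so the "table full" condition can be caught before packets are dropped, and one that pins ip_conntrack_max in /etc/sysctl.conf so the value survives a reboot or a sysctl reload. The count file path and the sysctl key name net.ipv4.ip_conntrack_max are assumptions for the old ip_conntrack module; newer kernels expose the same counters as net.netfilter.nf_conntrack_max and nf_conntrack_count.

```shell
#!/bin/sh
# Added example: monitor conntrack table usage and persist the limit.
# File paths are parameters so the check can be run against constructed
# sample files; on a real host they default to the /proc entries.

# conntrack_usage [MAX_FILE] [COUNT_FILE]
# Prints "COUNT MAX PERCENT"; returns 0 while usage is below WARN_PCT
# (default 80%), 1 once the table is at or above it.
conntrack_usage() {
    max_file=${1:-/proc/sys/net/ipv4/ip_conntrack_max}
    # assumed path for the ip_conntrack module's live entry count
    count_file=${2:-/proc/sys/net/ipv4/netfilter/ip_conntrack_count}
    warn_pct=${WARN_PCT:-80}
    max=$(cat "$max_file")
    count=$(cat "$count_file")
    pct=$(( count * 100 / max ))
    echo "$count $max $pct"
    [ "$pct" -lt "$warn_pct" ]
}

# persist_conntrack_max VALUE [CONF]
# Replaces any existing net.ipv4.ip_conntrack_max line in CONF with the
# new value (or appends one), so "sysctl -p" and reboots keep it.
persist_conntrack_max() {
    value=$1
    conf=${2:-/etc/sysctl.conf}
    key='net.ipv4.ip_conntrack_max'   # assumed key name for ip_conntrack
    touch "$conf"
    # keep every other line, drop stale copies of the key ("|| true"
    # because grep -v exits 1 when the file is empty)
    grep -v "^${key}[[:space:]]*=" "$conf" > "$conf.tmp" || true
    echo "$key = $value" >> "$conf.tmp"
    mv "$conf.tmp" "$conf"
    # confirm exactly the intended line is now present
    grep "^${key} = ${value}\$" "$conf" > /dev/null
}
```

Run conntrack_usage from cron and alert on a non-zero exit; after editing sysctl.conf, apply it with "sysctl -p" and confirm with "cat /proc/sys/net/ipv4/ip_conntrack_max".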