|
|
|
Re: [xtables-addons] memory usage in module geoip (probably) | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
W dniu 2012-01-20 18:05, Jan Engelhardt napisał(a):
geoip uses vmalloc for its huge allocations, so that can't be it. Themassive size of skbuff_head_cache would point towards there being a lot of dead skbs being held, which - in my nose - would smell of tarpit. Did you properly feed all packets that you tarpited also to -j CT --notrack?
Surely i didn't use notrack;) I has problem how to use it, i'd like to tarpit packets at the end of INPUT at filter table, notrack i can use only in raw table. Have you got idea about kmallo-512 and kmalloc-2048? I'll try every single module and watch kmalloc usage. It will take a couple of days for each one. Maybe i'll isolate which module uses kmallocs. I suspect xtables because without them i didn't notice such situation.
I'd like to ask is such usage of memory ok? Which module could take so much precious ram?:) (I suspect geoip). How much memory geoip can use inworse case (db with ipv4 and ipv6)?The on-disk files for geoip are loaded verbatim into the kernel, so thatwould be only ~6 MB at worst for geoip, not 40+.
Thank you for all information. Marcin -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
|
|