| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
[root@xxxxx root]# cat /proc/sys/net/ipv4/ip_conntrack_max 8184 It is 8000 entry by default you can change it: [root@xxxxx root]# echo 1024000 > /proc/sys/net/ipv4/ip_conntrack_max Be careful if increase will eat more memory .... On Tuesday 17 June 2003 14:29, Farkas Levente wrote: > hi, > we've a fully updated rh8.0 firewall with kernel-2.4.20-18.8, > iptables-1.2.6a-2. we got the following error about once a week: > ----------------------------------------- > Jun 13 05:21:41 portal kernel: ip_conntrack: table full, dropping packet. > Jun 13 05:21:47 portal last message repeated 10 times > Jun 13 05:21:51 portal kernel: NET: 6 messages suppressed. > Jun 13 05:21:51 portal kernel: ip_conntrack: table full, dropping packet. > Jun 13 05:21:57 portal kernel: NET: 3 messages suppressed. > Jun 13 05:21:57 portal kernel: ip_conntrack: table full, dropping packet. > ----------------------------------------- > in this case we cant do anything just reboot the server. the strange is > that in this case: > wc -l /proc/net/ip_conntrack > is about 3-400, while during the normal operation it's about 1000-1500. > so I don't know what can be the problem in this case. what can I do to > find out the reason for this problem? and how to solve it? > thank you for your help in advance. _______________________________________________ Redhat-devel-list mailing list Redhat-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/redhat-devel-list