Kernel, IP Tables and ip_conntrack

Neil Marjoram n.marjoram at adastral.ucl.ac.uk
Mon Aug 20 09:15:54 UTC 2007


Quick question about /proc/net/ip_conntrack, I assume this is only
created on systems running a firewall? If this is the case I am
wondering why my internal open system (no firewall) seemed to crash with
the only errors in the log being:

Aug 13 12:05:15 kernel: ip_conntrack: table full, dropping packet.
Aug 13 12:18:36 kernel: ip_conntrack: table full, dropping packet.
Aug 13 12:29:36 kernel: ip_conntrack: table full, dropping packet.
Aug 13 13:47:31 kernel: ip_conntrack: table full, dropping packet.

The answer is to up the number of connections, but if there's no firewall
there's nothing much to up!


Many thanks to anyone that can shed any light on this!

Neil.



