[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] kernel: ip_conntrack: table full, dropping packet.



On Wednesday 08 September 2004 07:33 am, Josephine wrote:
> On Wednesday 08 September 2004 16:46, peter.kanters@xxxxxxxxxxxxxx wrote:
> > Dear suse-security list,
> >
> > I had this problem :  kernel: ip_conntrack: table full, dropping packet.
> > I found this solution : sysctl -w net.ipv4.ip_conntrack_max="32768"
> >
> > After i restart susefirewall2  the value off ip_conntrack_max is back to
> > default 16k .
> > How can i solve this ??
> >
> > Best regards, Peter.
>
> Hello Peter
>
> echo 32768 > /proc/sys/net/ipv4/ip_conntrack_max
>
> Still, you should consider adding this at your firewall script
> in /etc/sysconfig/scripts, so it can be loaded automatically after every
> reboot/flush/etc.
>
> Josephine

Or perhaps finding out why you have this problem in the first place.
I've often seen this when there is an infected windows box behind
the Linux firewall...

-- 
_____________________________________
John Andersen

Attachment: pgpXw2IPr8y8f.pgp
Description: signature