
Re: [suse-security] kernel: ip_conntrack: table full, dropping packet.

Hi Philippe,

Philippe Vogel wrote:
Possibilities for this:

external port scans
too many rulesets
PC with too many connections (e.g. p2p) *
infected redmond (tm) PC with worm

(*) decrease number of connections and disable master-node functionality.
This is the #1 reason for full tables!

First of all, thanks for your answer.

There is a Web-Server behind the box that has many connections and also quite a lot of traffic. I also do have many rules - SuSEfirewall2 seems to create a lot of rules from the rules I've entered in its syntax. But how can I check how close to the message "ip_conntrack: table full, dropping packet" I am, when counting the lines in ip_conntrack does not do it? And what's the solution for a firewall with Webservers behind it then - to write my own firewall rules?



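As an added example (not part of the original message or of SuSEfirewall2): a sketch that groups conntrack entries by originating source, to tell apart two of the causes listed above, a source whose entries are mostly [UNREPLIED] across many destination ports versus a host that simply holds many connections. The sample lines are constructed in the /proc/net/ip_conntrack text format, and the function names and thresholds are assumptions chosen for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the /proc/net/ip_conntrack text format (not real traffic).
SAMPLE = "\n".join(
    # one outside source trying ports 20-25 and never getting an answer
    [f"tcp      6 110 SYN_SENT src=198.51.100.9 dst=192.0.2.10 sport={40000 + p} dport={p} "
     f"[UNREPLIED] src=192.0.2.10 dst=198.51.100.9 sport={p} dport={40000 + p} use=1"
     for p in range(20, 26)]
    # one inside host holding several established connections
    + [f"tcp      6 431990 ESTABLISHED src=10.0.0.23 dst=203.0.113.{50 + n} sport={3000 + n} "
       f"dport=6881 src=203.0.113.{50 + n} dst=10.0.0.23 sport=6881 dport={3000 + n} [ASSURED] use=1"
       for n in range(4)]
    + ["udp      17 25 src=10.0.0.23 dst=192.0.2.53 sport=1030 dport=53 "
       "src=192.0.2.53 dst=10.0.0.23 sport=53 dport=1030 use=1",
       "tcp      6 431999 ESTABLISHED src=203.0.113.7 dst=192.0.2.10 sport=40112 dport=80 "
       "src=192.0.2.10 dst=203.0.113.7 sport=80 dport=40112 [ASSURED] use=1",
       "tcp      6 90 TIME_WAIT src=203.0.113.8 dst=192.0.2.10 sport=40113 dport=80 "
       "src=192.0.2.10 dst=203.0.113.8 sport=80 dport=40113 [ASSURED] use=1"]
)

def summarize(text):
    """Count entries per originating source and per TCP state."""
    per_src = defaultdict(lambda: {"entries": 0, "unreplied": 0, "dports": set()})
    states = Counter()
    for line in text.splitlines():
        fields = line.split()
        src = re.search(r"\bsrc=(\S+)", line)      # first match = original direction
        dport = re.search(r"\bdport=(\d+)", line)  # first match = original direction
        if len(fields) < 4 or not src:
            continue  # skip blank or malformed lines
        info = per_src[src.group(1)]
        info["entries"] += 1
        info["unreplied"] += "[UNREPLIED]" in line
        if dport:
            info["dports"].add(int(dport.group(1)))
        if fields[0] == "tcp":
            states[fields[3]] += 1  # TCP lines carry the state as the 4th field
    return per_src, states

def suspects(per_src, min_entries=5):
    """Sources with at least min_entries entries, largest first (thresholds are assumptions)."""
    out = []
    for src, i in sorted(per_src.items(), key=lambda kv: -kv[1]["entries"]):
        scan_like = i["unreplied"] * 2 > i["entries"] and len(i["dports"]) * 2 > i["entries"]
        if i["entries"] >= min_entries:
            out.append((src, i["entries"], "scan-like" if scan_like else "busy host"))
    return out
```

On a live firewall, pass the contents of /proc/net/ip_conntrack to summarize() in place of SAMPLE.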