Network Security Firewalls

Re: ip_conntrack table flushing problem

Subject: Re: ip_conntrack table flushing problem
Date: Tue, 19 Apr 2005 23:59:15 -0300
On 4/18/05, Sam <nopedial@digitalmoon.org> wrote:

Hi everyone,

I have problems with ip_conntrack table on debian GNU\Linux kernel 2.6.10.
Dmesg replies me:

ip_conntrack: table full, dropping packet.
printk: 181 messages suppressed.
ip_conntrack: table full, dropping packet.

The only way I've found online is to unload/reload the iptables modules,
but that will make me lose packets, and in my network, that's not
possible. Somebody knows how to flush that table manually?

Greets,

Sam



cat /proc/sys/net/ipv4/ip_conntrack_max

That's the maximum number of connection tracking (simultaneous connections).
You can increase it by issuing: echo "12345" > /proc/sys/net/ipv4/ip_conntrack_max
If I remember right, around 250 bytes of memory are used to control each 
connection, so you can figure out the max you can choose on your system.

Regards,

-- 
Eduardo Bacchi Kienetz
Senior Support Analyst
http://www.noticiaslinux.com.br/eduardo/
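
As an added example (not part of the original thread), the script below turns the reply's advice into a headroom check: it reports how full the table is, estimates drops from the dmesg lines in the question, and sizes a maximum from a memory budget. The 250-byte figure is the reply's recollection; the function names, the 80%/95% thresholds and the file paths passed in are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: conntrack table headroom check.

# Assumption: ~250 bytes per tracked connection, as recalled in the reply.
BYTES_PER_ENTRY=250

# Print "count max percent" from the two proc files given as arguments.
conntrack_usage() {
    count=$(cat "$1") || return 1
    max=$(cat "$2") || return 1
    [ "$max" -gt 0 ] || return 1
    echo "$count $max $((count * 100 / max))"
}

# Prefix the usage with OK/WARN/CRIT (80% and 95% are assumed thresholds).
conntrack_status() {
    usage=$(conntrack_usage "$1" "$2") || return 1
    pct=${usage##* }
    if [ "$pct" -ge 95 ]; then level=CRIT
    elif [ "$pct" -ge 80 ]; then level=WARN
    else level=OK; fi
    echo "$level $usage"
}

# Estimate table-full events in kernel log text on stdin: each visible
# "table full" line counts once, and "printk: N messages suppressed." adds N.
# It is an estimate because the suppressed lines themselves are not shown.
count_table_full() {
    awk '/ip_conntrack: table full, dropping packet/ { n++ }
         /printk: [0-9]+ messages suppressed/ {
             for (i = 1; i <= NF; i++) if ($i == "printk:") n += $(i + 1)
         }
         END { print n + 0 }'
}

# Estimated table memory in bytes for a given number of entries.
table_bytes() { echo $(($1 * BYTES_PER_ENTRY)); }

# Largest ip_conntrack_max that fits a memory budget given in bytes.
max_for_budget() { echo $(($1 / BYTES_PER_ENTRY)); }

# Constructed sample input: the dmesg lines quoted in the question.
sample='ip_conntrack: table full, dropping packet.
printk: 181 messages suppressed.
ip_conntrack: table full, dropping packet.'
echo "table-full events (estimate): $(printf '%s\n' "$sample" | count_table_full)"
echo "entries that fit in 16 MiB: $(max_for_budget $((16 * 1024 * 1024)))"
```

On kernels where the tracker is nf_conntrack, the files to pass to `conntrack_status` are /proc/sys/net/netfilter/nf_conntrack_count and /proc/sys/net/netfilter/nf_conntrack_max.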