Dedikovany Firewall

problem

 [2810676.056586] nf_conntrack: table full, dropping packet

reseni (zalezi hodne na pameti fw, toto je pro RAM 256MB)

 cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count 
 cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
 echo 65000 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max

 cat /sys/module/nf_conntrack/parameters/hashsize
 echo 8192 > /sys/module/nf_conntrack/parameters/hashsize

podrobne

http://wiki.khnet.info/index.php/Conntrack_tuning

linux/fw.txt · Last modified: 2013/05/01 21:50 by admin