Hi Michael, I have never personally witnessed this error, but I am aware it can happen if the conntrack state table is full.
By default CONNTRACK=16384 which sets the conntrack state table size. View the number states: System tab -> Firewall States -- NNN Total Firewall States -- Look to see what public TCP or UDP ports are exposed and see if someone might be probing them. Possibly you have a BitTorrent running internally ? That can create a lot of states. If you really have a super busy system there is some tuning you can do, but I would look to see if you have some publicly exposed ports that can be firewalled better. Lonnie > On Oct 6, 2020, at 4:50 PM, Michael Knill <[email protected]> > wrote: > > Hi Group > > For the second morning in a row, my office system has been pretty much > unusable with the following in the logs: > > user.warn kernel: nf_conntrack: table full, dropping packet > > Is this a DoS attack? > Things are fine once rebooted. Surely this wouldn't be the case with a DoS > attack? > > Where should I test next? > > Thanks all. > > Regards > Michael Knill > _______________________________________________ > Astlinux-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > [email protected]. _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
