hello.. is there anyway i can stop portscans/msblaster from filling up the ip_conntrack ?
# uptime 8:18am up 2 days, 17:47, load average: 0.03, 0.04, 0.00 # grep ip_conntrack /proc/slabinfo ip_conntrack 326624 332988 320 27375 27749 1 after 3-4 days the load rises to levels cousing package drop. after reboot load is back down to sensible levels. we have a /20 and recive quite a lot of portscans and msblaster packages. i assume it's these that crates the big ip_conntrack. best regards -- Ronny Aasen <[EMAIL PROTECTED]> ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
