you can disable the loading of the ip_conntrack helper modules, unfortunatly i think the main ip_conntrack is compiled into the kernel, (last time i checked), so you will still need to tweak the /proc/ settings to have a bigger contrack list.
I tend to keep the shorewall ulog and iptables, but configure them as a host only firewall to protect the router itself. mvh Ronny Aasen On Sat, 2004-11-20 at 11:56, Eric Spakman wrote: > Joe, > > If you are not doing any NAT, you can disable the loading of the > conntrack module(s) in /etc/modules. > If I understand it correctly and you do plain routing only (no > firewalling), you can also remove iptables.lrp, ulogd.lrp and > shorwall.lrp. Don't forget to set "ip_forward=yes" in > /etc/network/options. > > Eric Spakman > > > I've got an issue where my ip_conntrack table keeps getting pretty full. I > > increased the max so it's not too bad now, but it's still larger than I'd > > like and I believe its just wasting some memory. Looking at it, some of the > > entries have HUGE timeouts. I see that other people have seen this issue as > > well, but I'm still not sure how to fix it. I'm not doing any NAT, routing > > only. Isn't there a way to just turn off connection tracking? > > > > > > -- > > Joe Nelson > > Air Wired > > [EMAIL PROTECTED] > > http://www.airwired.net > > > > > > > > ------------------------------------------------------- > > This SF.Net email is sponsored by: InterSystems CACHE > > FREE OODBMS DOWNLOAD - A multidimensional database that combines > > robust object and relational technologies, making it a perfect match > > for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8 > > ------------------------------------------------------------------------ > > leaf-user mailing list: [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > > > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: InterSystems CACHE > FREE OODBMS DOWNLOAD - A multidimensional database that combines > robust object and relational technologies, making it a perfect match > for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8 > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Ronny Aasen <[EMAIL PROTECTED]> ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
