Re: max ip_conntrack entries
In message <[EMAIL PROTECTED]> you write: > > is there a way to dynamically change the limit : kernel: ip_conntrack: > maximum limit of 16384 entries exceeded ? echo 32768 > /proc/net/ipv4/ip_conntrack_max Don't increase it too much, or your efficiency will go out the window (the hash table size doesn't increase). > either a newssus scan or a weird ftp server I tried to connect to, > caused the table to fill pretty fast and all other connections stopped > for a short time. It will start dropping "unreplied" connections. Rusty. -- Premature optmztion is rt of all evl. --DK - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: max ip_conntrack entries
In message [EMAIL PROTECTED] you write: is there a way to dynamically change the limit : kernel: ip_conntrack: maximum limit of 16384 entries exceeded ? echo 32768 /proc/net/ipv4/ip_conntrack_max Don't increase it too much, or your efficiency will go out the window (the hash table size doesn't increase). either a newssus scan or a weird ftp server I tried to connect to, caused the table to fill pretty fast and all other connections stopped for a short time. It will start dropping "unreplied" connections. Rusty. -- Premature optmztion is rt of all evl. --DK - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
max ip_conntrack entries
is there a way to dynamically change the limit : kernel: ip_conntrack: maximum limit of 16384 entries exceeded ? grepping in the documentation didn't tell much here. either a newssus scan or a weird ftp server I tried to connect to, caused the table to fill pretty fast and all other connections stopped for a short time. the entries are similar btw in /proc/net/ip_conntrack : tcp 6 425335 ESTABLISHED src=203.45.72.96 dst=203.45.72.96 sport=28480 dport=21 [UNREPLIED] src=203.45.72.96 dst=203.45.72.96 sport=21 dport=28480 use=1 the source and dest are always the same. weird. currently 15443 entries. -- Grobbebol's Home | Don't give in to spammers. -o) http://www.xs4all.nl/~bengel | Use your real e-mail address /\ Linux 2.2.16 SMP 2x466MHz / 256 MB |on Usenet. _\_v - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
max ip_conntrack entries
is there a way to dynamically change the limit : kernel: ip_conntrack: maximum limit of 16384 entries exceeded ? grepping in the documentation didn't tell much here. either a newssus scan or a weird ftp server I tried to connect to, caused the table to fill pretty fast and all other connections stopped for a short time. the entries are similar btw in /proc/net/ip_conntrack : tcp 6 425335 ESTABLISHED src=203.45.72.96 dst=203.45.72.96 sport=28480 dport=21 [UNREPLIED] src=203.45.72.96 dst=203.45.72.96 sport=21 dport=28480 use=1 the source and dest are always the same. weird. currently 15443 entries. -- Grobbebol's Home | Don't give in to spammers. -o) http://www.xs4all.nl/~bengel | Use your real e-mail address /\ Linux 2.2.16 SMP 2x466MHz / 256 MB |on Usenet. _\_v - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/