Hi Rolf.
>> *The information about connections is stored in
*
*>> /proc/net/ip_conntrack. The maximum connections
*
*>> (...) in /proc/sys/net/ipv4/netfilter/ip_conntrack_max*
I checked these values and it looks this way;
# cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
55740
# cat /proc/net/
Hi Reid
Okay, no problem. So, everything is fine even with this
INVALID entries in log files?
2013/4/11 Reid Sutherland
> I don't think you need to remove the syslog tag, just know that when you
> see that syslog entry, it's related to the rule that has the tag.
>
>
> On 2013-04-10, at 11:34 A
Hi Mr Rolf
Okay, I will check these values; /proc/net/ip_conntrack etc.
Generally it is normal, that there are INVALID connections, right?
Yes, I'm seeing this syslog tag. Should I remove it from my iptables
script (e.g. -j LOG --log-prefix etc.)?
This whole discussion seems off-topic to me, but I'll try to clear this up.
Daniel, I believe you are seeing a syslog tag called '[INVALID in] ' or
'[INVALID out] ', nothing more. See the LOG target in the iptables man page
(eg, -j LOG --log-prefix '[INVALID in] ').
On 2013-04-09, at 3:51 PM
Hi Daniel,
On 09/04/13 21:05 +0200, Daniel Curtis wrote:
Hi andika.
Another INVALID packet description. I read a lot of
information and I don't know what is the truth. Frankly,
the first time I see a description, which concerns RAM memory.
So, I have a 1 GB of RAM memory. Just for example; fre
Hi andika.
Another INVALID packet description. I read a lot of
information and I don't know what is the truth. Frankly,
the first time I see a description, which concerns RAM memory.
So, I have a 1 GB of RAM memory. Just for example; free -m
command result;
used: 640, free: 230
and top command;
On Tue, Apr 9, 2013 at 11:18 PM, Daniel Curtis wrote:
> Hi
>
> As we know iptables INVALID state means, that
> the packet is associated with no known connection,
> right? So, if I have a lot of INVALID entries in my
> log files, does it means, that something is wrong?
> Hidden process etc.?
>
>
Ju
Hi
As we know iptables INVALID state means, that
the packet is associated with no known connection,
right? So, if I have a lot of INVALID entries in my
log files, does it means, that something is wrong?
Hidden process etc.?
An example of logged entries;
t4 kernel: [18776.221378] [INVALID in] IN=
8 matches
Mail list logo
