Kernel, IP Tables and ip_conntrack

Michael W Cocke cocke at catherders.com
Mon Aug 20 23:22:15 UTC 2007


You didn't mention what version of Fedora you're running, but AFAIK,
iptables defaults to on when the system is installed - have you
checked that it's really off?

And to answer the unasked but implied question -

>The answer is to up the number of connections, but if there's no firewall
>there's nothing much to up!

Of course there are settings to twiddle in the IP stack and ifconfig
both that might address your problem.

Mike-




On Mon, 20 Aug 2007 10:15:54 +0100, you wrote:

>Quick question about /proc/net/ip_conntrack, I assume this is only
>created on systems running a firewall? If this is the case I am
>wondering why my internal open system (no firewall) seemed to crash with
>the only errors in the log being :
>
>Aug 13 12:05:15 kernel: ip_conntrack: table full, dropping packet.
>Aug 13 12:18:36 kernel: ip_conntrack: table full, dropping packet.
>Aug 13 12:29:36 kernel: ip_conntrack: table full, dropping packet.
>Aug 13 13:47:31 kernel: ip_conntrack: table full, dropping packet.
>
>The answer is to up the number of connections, but if there's no firewall
>there's nothing much to up!
>
>
>Many thanks to anyone that can shed any light on this!
>
>Neil.
--
If you're not confused, you're not trying hard enough.
--
Please note - Due to the intense volume of spam, we have installed 
site-wide spam filters at catherders.com.  If email from you bounces,
try non-HTML, non-encoded, non-attachments,
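
One way to check whether connection tracking is really off and how close the table is to its limit, as an added example that is not part of the original message. It assumes the sysctl files /proc/sys/net/ipv4/netfilter/ip_conntrack_* (older kernels) or /proc/sys/net/netfilter/nf_conntrack_* (newer kernels); the function names and the optional root-directory argument are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original thread.
# conntrack_status [ROOT]: ROOT is a hypothetical prefix so the function can be
# pointed at a constructed tree; with no argument it reads the live /proc.
# Prints "not-loaded" or "<tracker> count=N max=M pct=P".
conntrack_status() {
    root="${1:-}"
    for pair in net/netfilter/nf_conntrack net/ipv4/netfilter/ip_conntrack; do
        base="$root/proc/sys/$pair"
        if [ -r "${base}_count" ] && [ -r "${base}_max" ]; then
            count=$(cat "${base}_count")
            max=$(cat "${base}_max")
            pct=0
            # Guard against an empty or zero max before dividing.
            if [ "${count:-0}" -ge 0 ] 2>/dev/null && [ "${max:-0}" -gt 0 ] 2>/dev/null; then
                pct=$((count * 100 / max))
            fi
            echo "${pair##*/} count=$count max=$max pct=$pct"
            return 0
        fi
    done
    # No sysctl files: no connection-tracking module is loaded.
    echo "not-loaded"
}

# count_table_full [FILE]: number of "table full" kernel messages in FILE
# (or stdin). Matches both the ip_conntrack and nf_conntrack wording.
count_table_full() {
    grep -c 'conntrack: table full, dropping packet' "$@" || true
}

# Constructed sample: one of the log lines quoted in the thread.
printf '%s\n' 'Aug 13 12:05:15 kernel: ip_conntrack: table full, dropping packet.' |
    count_table_full
```

Calling `conntrack_status` with no argument reads the running system; any output other than `not-loaded` means a tracking module is active even if no firewall rules are visible.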



