[Firewall] nf_conntrack: table full, dropping packet.

Michel van Dop mvandop at xs4all.nl
Thu Jun 12 09:20:55 CEST 2014


 

Hi Lonnie, 

Thank you! 

Michel 

Lonnie Abelbeck schreef op 2014-06-11 15:08: 

> Michel,
> 
> In your firewall.conf, there is an AIF variable for that:
> --
> CONNTRACK=32768
> --
> 
> That explains why your setting was being overwritten, as it defaults to 16384 .
> 
> Lonnie
> 
> On Jun 11, 2014, at 4:09 AM, Michel van Dop wrote:
> 
>> Hi, I have problem on stream server, i get this in the system log: Jun 10 20:07:25 localhost kernel: nf_conntrack: table full, dropping packet. I change it to 32768 I do this: sysctl -w net.netfilter.nf_conntrack_max=32768 net.netfilter.nf_conntrack_max = 32768 But when i restart the firewall he is default to 16384 When i start the firewall i see the output this: Configuring general kernel parameters: Setting the max. amount of simultaneous connections to 16384 net.nf_conntrack_max = 16384 How to change this to 32768 in the firewall.conf? I already change it on /etc/sysctl.conf net.netfilter.nf_conntrack_max=32768 Thank you, Michel -- _______________________________________________ Firewall mailing list Firewall at rocky.eld.leidenuniv.nl http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall [1] Arno's (Linux IPTABLES Firewall) Homepage: http://rocky.eld.leidenuniv.nl [2]
> 
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall [1]
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl [2]

-- 

 

Links:
------
[1] http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
[2] http://rocky.eld.leidenuniv.nl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20140612/4ed68f38/attachment.html>


More information about the Firewall mailing list