i just got a 'ip_conntrack: table full, dropping packet' because a
p2p-application ran amok. i've killed the process but
/proc/net/ip_conntrack still got more than 7000 (now stale) entries of 8184
max. since the table is now after ~70 minutes down to 6995 entries, i
wonder if i can flush this table manually. the entries in there look like
tcp 6 155674 ESTABLISHED src=x.x.x.x dst=y.y.y.y sport=1234 dport=5678
src=y.y.y.y dst=x.x.x.x sport=5678 dport=1234 [ASSURED] use=1
and if i get ip_conntrack_proto_tcp.c right, the default timeout for
ESTABLISHED is 5 days. but i dont want to wait that long :(
Patrick
