hi thanx for responding. some info to you all... the linux box with 2.4.19 kernel & iptables 1.2.7a has 768mb ram its ip_conntrack_max shows 48632. moreover the ip(=>> ipA) in the message file is a valid ip and not a private one & its going to a valid ip in internet. the very interesting & confusing part for me(& hope for others?? ) is why a day ago with iptables 1.2.6a there was no error message ???.. as i mentioned in last mail the only difference is that i have as module--> ip_nat_h323.o & also ipt_helper.o one last info to add here---why only this message for >>ipA<< when the box is handling more than 500 valid ip & above 200 private ip( of 10 series),..slabinfo shows... ip_conntrack 5150 6660 320 490 555 1 pls i need help to know where things went wrong for me.. if someone else have experienced the same can they give their experience/suggestions ?? thanx in anticipation... A.H Maciej Soltysiak wrote: >>Oct 9 12:25:24 ICG kernel: NET: 5 messages suppressed. >>Oct 9 12:26:31 ICG kernel: NET: 1 messages suppressed. >>Oct 9 12:26:31 ICG kernel: ip_conntrack: max number of expected >>connections 1 of ftp reached for <ipA> -> <ipB>, reusing >>Oct 9 12:27:12 ICG kernel: ip_conntrack: max number of expected >>connections 1 of ftp reached for <ipA> -> <ipB>, reusing >>these messages are piling the message file. >>am cusrious now why so ?.. what does this message signify ? > > Read the FAQ, and then increase your /proc/net/ip_conntrack_max > > Best Regards, > Maciej Soltysiak >
