On Tue, Jan 14, 2003 at 05:09:53PM +0100, Filip Sneppe wrote:
> On Tue, 2003-01-14 at 17:01, Christian Hammers wrote:
> > Yes, thought so, too. - The question that I was trying to ask in this
> > thread was, why the /proc/net/ip_conntrack is filled by the kernel
> > although I *already did* remove the module!
>
> What kernel version are you running ? modutils version ?
Kernel-2.4.20. modprobe-2.4.15. Debian 3.0 woody distribution.
> Is this reproducable upon every reboot ?
I'm not allowed to reboot it :-) But it's still reproducible that
after decreasing with about 1000 per minute the value of
/proc/net/ip_conntrack has now stabilized around the
/proc/sys/net/ipv4/ipt_conntrack_max value which is currently 10000
(was 65520 and filled up to ca. 50000)
> I've been giving it a few tries on my machine, and
> ip_conntrack disappears nicely from /proc/net upon
> unloads/reloads of ip_conntrack, even
> with unreplied connections pending.
Hmm :)
Maybe you should set your machine unter a load of at least 4mbit/s
with random IPs. This was the amount of traffic my router had when I
reloaded the firewall rule script with a "rmmod" at the beginning.
bye,
-christian-
--
Christian Hammers WESTEND GmbH | Internet-Business-Provider
Technik CISCO Systems Partner - Authorized Reseller
Lütticher Strasse 10 Tel 0241/701333-11
ch@westend.com D-52064 Aachen Fax 0241/911879
