On Wed, 2003-05-21 at 10:24, pengjie wrote: > After 2 days, the conntrack table is full, /var/log/messages display > the ip_conntrack_count is 167, and /proc/net/ip_conntrack is empty. > > Why?!, Why the ip_conntrack_count is bigger than ip_conntrack_max? > Why is /proc/net/ip_conntrack is empty? > how can this occurs? > > who can help me? Can you try a newer kernel? (I'd recommend 2.4.21-rc3) And if you still have the same problem, try enabling netfilter debugging in the kernel configuration (or at least enable the IP_NF_ASSERT macro in include/linux/netfilter_ipv4/ip_conntrack.h) -- /Martin
