RE: ip_contrackt message

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Can't say I've ever seen this before but I might venture to guess you State
Table has filled up and can accept no more connections.   The number of
connection allowed by default is determined by the amount of RAM your
machine has, i.e. 128 MB of RAM you will get 8192 possible entries and with
256 MB of RAM you will get 16376 entries, etc. You might try increasing the
number of permitted table entries by setting
/proc/sys/net/ipv4/ip_conntrack_max to a
higher number and see if the system corrects itself.  This is just a guess.

-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx
[mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Erwin Ambrosch
Sent: Wednesday, August 27, 2003 1:44 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: ip_contrackt message


Hi all,

I'm using iptables-1.2.5-3 and got the following messages in my logfile.
Please can one say me what exactly does this mean.

....
Aug 27 16:28:59 paul kernel: NET: 6 messages suppressed.
Aug 27 16:28:59 paul kernel: ip_conntrack: table full, dropping packet.
Aug 27 16:29:04 paul kernel: NET: 7 messages suppressed.
Aug 27 16:29:04 paul kernel: ip_conntrack: table full, dropping packet.
Aug 27 16:29:08 paul kernel: NET: 7 messages suppressed.
Aug 27 16:29:08 paul kernel: ip_conntrack: table full, dropping packet.
Aug 27 16:29:14 paul kernel: NET: 9 messages suppressed.
Aug 27 16:29:14 paul kernel: ip_conntrack: table full, dropping packet.
Aug 27 16:29:19 paul kernel: NET: 7 messages suppressed.
Aug 27 16:29:19 paul kernel: ip_conntrack: table full, dropping packet.
....


Thanks in advance

Erwin






[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux