Re: Max Concurrent Session

On Wed, 15-12-2004 at 12:20, Maxime Ducharme wrote:
> Hi Miguel
>     we run iptables 1.2.9 on a Dell PowerEdge 750.
> 
> It protects 128 IP addresses which host many Internet
> services (www, mail, ftp, ssl, ssh, ...).
> 
> Current connections are above 2000 :
> [root@Cerberux root]# cat /proc/net/ip_conntrack |wc -l
>    2168
> 
> Current load :
> [root@Cerberux root]# uptime
>  10:10:24  up 156 days, 21:54,  1 user,  load average: 0.00, 0.00, 0.00
> 
> About 250 mos of RAM is used.
> 
> Maximum connections is set here :
> [root@Cerberux root]# cat /proc/sys/net/ipv4/ip_conntrack_max
> 16368
> 
> 
> This value may be set higher but ensure you have enough RAM.
> 
> The highest value I have ever seen is 5000 (happens when many worms
> scan our network concurrently), and we didn't notice any network
> slowdown.
> 
> Have a nice day
> 
> Maxime Ducharme
> Programmer / Network security specialist
> 
> ----- Original Message ----- 
> From: "Miguel Angel Amador L" <amador@xxxxxx>
> To: "NetFilter Users" <netfilter@xxxxxxxxxxxxxxxxxxx>
> Sent: Friday, December 10, 2004 2:11 PM
> Subject: Max Concurrent Session
[... My last comments...]

Thanks, I needed another opinion and I am sure now.

(PS: It is because some commercial firewalls have limits for concurrent
sessions, and I needed to compare this.)

__
Miguel Angel Amador L          
  phone: +562  204 8611 #231
  fax:    +562  204 8603
e-mail: miguel.amador@xxxxxxxxxxxx
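
The two checks quoted in this thread (table size against ip_conntrack_max, and the growth seen while worms scan), as an added example that is not part of the original messages. The function names, the 80% warning threshold and the sample table are assumptions; the sample entries are constructed, using documentation address ranges.

```shell
#!/bin/sh
# Added example. Paths default to the files quoted in the thread;
# pass other paths to run against a saved copy or the constructed sample.

# conntrack_usage [TABLE] [MAX_FILE] [WARN_PCT]
# Prints "<entries> <max> <percent> <OK|WARN>".
conntrack_usage() {
    table=${1:-/proc/net/ip_conntrack}
    maxfile=${2:-/proc/sys/net/ipv4/ip_conntrack_max}
    warn=${3:-80}                      # assumed alert threshold
    entries=$(awk 'END { print NR }' "$table")
    max=$(cat "$maxfile")
    pct=$((entries * 100 / max))
    if [ "$pct" -ge "$warn" ]; then state=WARN; else state=OK; fi
    echo "$entries $max $pct $state"
}

# top_unreplied_sources [TABLE] [N]
# Counts [UNREPLIED] entries per original-direction source address,
# the footprint a scanning host leaves in the table. Prints "<count> <ip>".
top_unreplied_sources() {
    awk '/\[UNREPLIED\]/ {
        for (i = 1; i <= NF; i++)
            if ($i ~ /^src=/) { n[substr($i, 5)]++; break }
    }
    END { for (s in n) print n[s], s }' "${1:-/proc/net/ip_conntrack}" |
        sort -k1,1nr -k2,2 | head -n "${2:-5}"
}

# write_sample DIR: constructed table and limit, for offline runs only.
write_sample() {
    echo 16368 > "$1/max"
    cat > "$1/table" <<'EOF'
tcp      6 431990 ESTABLISHED src=198.51.100.7 dst=192.0.2.10 sport=40112 dport=80 src=192.0.2.10 dst=198.51.100.7 sport=80 dport=40112 [ASSURED] use=1
tcp      6 110 SYN_SENT src=203.0.113.66 dst=192.0.2.11 sport=3301 dport=445 [UNREPLIED] src=192.0.2.11 dst=203.0.113.66 sport=445 dport=3301 use=1
tcp      6 111 SYN_SENT src=203.0.113.66 dst=192.0.2.12 sport=3302 dport=445 [UNREPLIED] src=192.0.2.12 dst=203.0.113.66 sport=445 dport=3302 use=1
tcp      6 112 SYN_SENT src=203.0.113.66 dst=192.0.2.13 sport=3303 dport=445 [UNREPLIED] src=192.0.2.13 dst=203.0.113.66 sport=445 dport=3303 use=1
udp      17 25 src=198.51.100.9 dst=192.0.2.10 sport=5353 dport=53 [UNREPLIED] src=192.0.2.10 dst=198.51.100.9 sport=53 dport=5353 use=1
EOF
}

demo=$(mktemp -d)
write_sample "$demo"
conntrack_usage "$demo/table" "$demo/max"
top_unreplied_sources "$demo/table" 3
rm -rf "$demo"
```

On the firewall itself, calling both functions with no arguments reads the live files named in the thread.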




