Hi,
Павел Коколемин wrote:
I am using libnetfilter_conntrack for log all connections passing via my
router (new & destroy messages).
When LAN users start network scanners (NetLook, for example),
sometimes I receive error in console:
"nfnl_listen: recvmsg overrun: No buffer space available"
generated in nfct_event_conntrack() (recvmsg() returns ENOBUFS error code).
This message generated in nfnl_listen().
Increase netlink buffer size via nfnl_rcvsiz() (libnfnetlink), the
default size is available in /proc/sys/net/core/rmem_max. BTW, this
message means that you have probably lost some log messages because the
rate was so high that the buffer could not back off.
--
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris
