2007/2/1, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
Pablo Neira Ayuso wrote: > Increase netlink buffer size via nfnl_rcvsiz() (libnfnetlink), the > default size is available in /proc/sys/net/core/rmem_max. BTW, this > message means that you have probably lost some log messages because the > rate was so high that the buffer could not back off. Sorry, I didn't notice that there is no way to access nfnl_handle from libnetfilter_conntrack, instead use setsockopt(nfct_fd(h), SOL_SOCKET, SO_RCVBUFFORCE, &size, socklen) to set the buffer size. Anyway I'll cook a patch for this asap, this issue is important.
Thanks! This is solved problem! nfnl_rcvbufsiz call doesn't change rmem_max value in my system (probably, flag SO_RCVBUFFORCE has no effect), but I set this value manual: echo 8388608 > /proc/sys/net/core/rmem_max Pavel