as I said, the current (and default) value is 65536 what would you suggest changing it to? Thomas Jacob wrote:
I'l looking at nf-HiPAC right now - will probably try it some time soon. Beyond that, I'm out of ideas for the moment.nf-HiPAC won't help there if you just have 25 rules ( => http://people.netfilter.org/kadlec/nftest.pdf ), the problem is very likely down to you using the default parameters for the conntrack hash table, just like the other reply indicated.
