Hi List, I am running a custom powerpc board with linux kernel 2.6.22. It was two interfaces eth0 - 192.168.1.148 and eth1 - 192.168.2.23 I have enabled forwarding on my board by writing 1 to /proc/sys/net/ipv4/ip_forward and setup masquerading rules on both the interfaces means packets leaving eth0 will have source ip = 192.168.1.148 and packets leaving eth1 will have source ip = 192.168.2.23. Now in my network I have two machines A - 192.168.1.7 and another Machine B - 192.168.2.13. All of the above machines are in the same physical LAN. (means the ethernet cables are connected to the same switch) Now on machine A, I setup routing as "route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.148" and ping 192.168.2.13 from Machine A. When i do a flood ping with ping -f 192.168.2.13, I get "nf_conntrack:table full, dropping packet" on my board. Taking a look at /proc/net/stat/nf_conntrack it shows the entries as 0x8000 i.e. 32768 which is the default max specified. How do I solve/achieve this function? Once the entries reach 0x8000, they never start to decrease! Am i missing something ? Elison -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
