bugzilla-daemon@netfilter.org
2003-Jun-24 18:00 UTC
[Bug 105] Connection tracking table full, no new connections accepted
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=105 ------- Additional Comments From laforge@netfilter.org 2003-06-24 20:00 ------- Did you try to enlarge your connection tracking table? (Pleae read the FAQ) Do the /proc/net/ip_conntrack entries look plausible, or are there lots of entries with unreasonably high timeout? ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
bugzilla-daemon@netfilter.org
2003-Jun-24 18:23 UTC
[Bug 105] Connection tracking table full, no new connections accepted
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=105 ------- Additional Comments From sean@yak.net 2003-06-24 20:23 ------- I don't think it could be ip_conntrack_max, because that's set to 8192, and the machine shouldn't have had that many simulatneous connections, especially since both times this has happened, I have not been actively using the machine. Thus, the only connections that should be coming in are ftp, http, and smtp. I run a very low traffic personal site, so unless this was an explicit attack, those should be nowhere near even a thousand connections. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
bugzilla-daemon@netfilter.org
2003-Jun-24 18:33 UTC
[Bug 105] Connection tracking table full, no new connections accepted
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=105 ------- Additional Comments From laforge@netfilter.org 2003-06-24 20:33 ------- but maybe you've been under an explicit attack. The ip_conntrack core only prints that message, if the number is in fact exceeded. You most likely need to increase that number in order to accomodate for some kind of attack... Please try to look at the conntrack table and see what's going on. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
bugzilla-daemon@netfilter.org
2003-Jun-25 04:09 UTC
[Bug 105] Connection tracking table full, no new connections accepted
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=105 ------- Additional Comments From sean@yak.net 2003-06-25 06:09 ------- Ok, next time the issue comes up I'll save a copy of that info from /proc. Any other info I should get to help in debugging? ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
Apparently Analagous Threads
- [Bug 105] Connection tracking table full, no new connections accepted
- [Bug 105] Connection tracking table full, no new connections accepted
- [Bug 105] New: Connection tracking table full, no new connections accepted
- Conntrack table full and Heavy p2p loaded traffic manager ...
- ip_conntrack: table full, dropping packet.