Displaying 20 results from an estimated 48 matches for "hashsize".
Did you mean:
hash_size
2007 Apr 18
1
Can''t change ipt_conntrack hashsize under debian sarge ???
Hello,
I''ve tried to change ipt_conntrack hashsize and con under my debian
charge but doesn''t work !
Ive got 2876Mb available for conntrack so I''ve done (according to some
previous mail and this
http://www.wallfire.org/misc/netfilter_conntrack_perf.txt)
CONNTRACK_MAX = 2876 * 64 = 184064
HASHSIZE = 2876 * 8 = 23002
But the...
2011 Aug 02
3
[Bug 733] New: ipset restore won't restore from output of ipset save
http://bugzilla.netfilter.org/show_bug.cgi?id=733
Summary: ipset restore won't restore from output of ipset save
Product: ipset
Version: unspecified
Platform: All
OS/Version: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: default
AssignedTo: netfilter-buglog at
2011 May 13
2
Modify Parameters at system boot
Hi all.
i'm trying to modify some parameters but when system reboots it doesn't
load. For the sysctl if I run sysctl -p then it changes
/etc/sysctl.conf
net.ipv4.netfilter.ip_conntrack_max = 1048576
/etc/modprobe.conf
options ip_conntrack hashsize=131072
after reboot results
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
65536
cat /sys/module/nf_conntrack/parameters/hashsize
16384
expected results
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
1048576
cat /sys/module/nf_conntrack/parameters/hashsize
131072
Fred
--
This message...
2019 Apr 26
2
faI2ban detecting and banning but nothing happens
...2 185.234.217.221 185.36.81.165 188.165.238.157 203.2.118.130 209.166.164.71 210.6.94.23 211.72.92.124 27.156.139.95 27.156.176.146 41.164.192.74 45.227.253.100 45.227.253.99 49.87.109.233 52.38.234.254
[root at ollie2 ~]# ipset list
Name: fail2ban-sshd
Type: hash:ip
Revision: 4
Header: family inet hashsize 1024 maxelem 65536 timeout 3600000
Size in memory: 120
References: 0
Number of entries: 0
Members:
Name: fail2ban-dovecot
Type: hash:ip
Revision: 4
Header: family inet hashsize 1024 maxelem 65536 timeout 3600000
Size in memory: 3768
References: 0
Number of entries: 41
Members:
185.211.245.198 time...
2005 Aug 15
11
Hardware Configuration Ideas
Hey guys,
I am planning to buy some components for a Linux router that will handle the
Internet access of 200 computers (includes tc shaping) and some inter
sub-network routing (at least 100MBps per eth - and there are 3 eth cards).
I was thinking of a:
Pentium 4 - 3GHz
256 or 512MB RAM
Network Cards.
Now - I wonder what is more important: the processor speed or the amount of
RAM.
And can you
2013 Dec 03
8
[Bug 880] New: ipset doesn't refresh the timeout for an existing entry when the table is FULL.
...: 3.11.10-200.fc19.x86_64
ipset: v6.20.1
- Steps to Reproduce:
# ipset create http hash:ip timeout 0 maxelem 5
# ipset add http 192.168.0.1
# ipset add http 192.168.0.2
# ipset add http 192.168.0.3
# ipset add http 192.168.0.4
# ipset list
Name: http
Type: hash:ip
Revision: 1
Header: family inet hashsize 1024 maxelem 5 timeout 0
Size in memory: 16784
References: 0
Members:
192.168.0.3 timeout 0
192.168.0.4 timeout 0
192.168.0.1 timeout 0
192.168.0.2 timeout 0
# ipset add http 192.168.0.5 -exist timeout 60
(wait)# ipset list
Name: http
Type: hash:ip
Revision: 1
Header: family inet hashsize 1024 maxe...
2013 May 13
2
[Bug 819] New: ipset create setname timeout 2147484 records greater timeout
https://bugzilla.netfilter.org/show_bug.cgi?id=819
Summary: ipset create setname timeout 2147484 records greater
timeout
Product: ipset
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: major
Priority: P5
Component: default
AssignedTo:
2004 Nov 27
6
Finally making some progress
...achine (the current
firewall) has *not* undergone any changes aside from installing another
512Mb of RAM. Kernel is the same, and shorewall config is essentially
the same.
In searching for an answer, I came across this link which suggests that a
dedicated firewall should have the ip_conntrack hashsize =
ip_conntrack_max:
http://www.wallfire.org/misc/netfilter_conntrack_perf.txt
I know this isn''t strictly a shorewall issue, but I mention it here in case it is
relevant. I plan to visit netfilter lists to investigate more.
Now for a shorewall issue: it occurred to me that if I took a...
2007 Nov 14
0
ip_conntrack: falling back to vmalloc.
Hello
I''ve got a server with 3Gb of ram and I want to keep 256 for the system
and allocate the rest to conntrack ...
I''ve tried to change the HASHSIZE of the ip_conntrack but dmesg
return me this error !
ip_conntrack version 2.4 (2097152 buckets, 16777216 max) - 236 bytes per
conntrack
ip_conntrack: falling back to vmalloc.
....
I''ve use this "math" to calculate it :
(3072 - 256) x 1024^2 - 236 = 12511822,1027
The...
2006 Apr 18
1
Route cache
Hi,
I have a P4 @ 3Ghz router running Debian. It shapes traffic ( about
500-600 classes ), about 1000 iptables rules, and it does BGP too, so i get
about
1300+ routes in the routing table. The problem is the load is too high on
this system. I found a solution to my problem, turning off the route cache,
but i dont know how to implement it,
I was wondering if anyone found a way to disable the
2013 Aug 12
2
[Bug 840] New: Specifying CIDR when adding to a hash:ip entry is silently ignored
...t
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: quentin at armitage.org.uk
Estimated Hours: 0.0
# ipset create foo hash:ip netmask 24
# ipset add foo 1.2.3.4/24
# ipset add foo 1.2.4.5/32
# ipset list foo
Name: foo
Type: hash:ip
Revision: 0
Header: family inet hashsize 1024 maxelem 65536 netmask 24
Size in memory: 16536
References: 0
Members:
1.2.4.0
1.2.3.0
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
2019 Oct 08
2
[Bug 1369] New: ipset save|list -sorted sorts alphabetically instead of naturally
...before
107.0.0.0.
Version-Release number of selected component (if applicable):
ipset-7.2
How reproducible:
Always
Steps to Reproduce:
1. ipset create foo hash:net
2. ipset add foo 95.0.0.0/8
3. ipset add foo 107.0.0.0/8
4. ipset save foo -sorted
Actual results:
create foo hash:net family inet hashsize 1024 maxelem 65536
add foo 107.0.0.0/8
add foo 95.0.0.0/8
Expected results:
create foo hash:net family inet hashsize 1024 maxelem 65536
add foo 95.0.0.0/8
add foo 107.0.0.0/8
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML...
2019 Apr 19
2
faI2ban detecting and banning but nothing happens
On Friday 19 April 2019 15:19:26 Pete Biggs wrote:
> > I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested
> > on another page:
>
> The standard exim.conf already has a 535 filter. Was that not working
> for you?
I was following the instructions as shown on the page. I did find after
sending my post that there was already a regex in the standard
2017 Jun 16
2
[Bug 1158] New: using old session data when piping multiple commands
...cho -e "add test 1.1.1.1\nadd test_iface 2.2.2.2\nadd test 3.3.3.3\n" |
./ipset -
ipset v6.32: Syntax error: Second element is missing from 2.2.2.2.
ipset v6.32: Syntax error: Second element is missing from 3.3.3.3.
# ./ipset list
Name: test
Type: hash:net
Revision: 6
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 448
References: 0
Members:
1.1.1.1
Name: test_iface
Type: hash:net,iface
Revision: 6
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 416
References: 0
Members:
Printing "setname" and "typename" in types.c:adt_type_get() shows...
2000 Sep 19
1
bug.report("unused argument(s) crash R when options(error=quote (PR#663)
# Your mailer is set to "none" (default on Windows),
# hence we cannot send the bug report directly from R.
# Please copy the bug report (after finishing it) to
# your favorite email program and send it to
#
# r-bugs@biostat.ku.dk
#
######################################################
Hello!
I have observed a curious problem with the Windows version of R.
> version
2016 Dec 09
4
[Bug 1101] New: SET target unreliable in iptables - add does not work as expected
https://bugzilla.netfilter.org/show_bug.cgi?id=1101
Bug ID: 1101
Summary: SET target unreliable in iptables - add does not work
as expected
Product: netfilter/iptables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: major
Priority: P5
2007 Feb 23
3
Conntrack table full and Heavy p2p loaded traffic manager ...
Hello
I''ve setuped a bridge with l7-filter and ipp2p. We have every day + or
- between 10Mbits and 30 Mbits P2P traffic from + or - 450 customers.
When traffic increase. I''ve got this kind of error message :
Feb 23 14:26:19 gestor1 kernel: printk: 38 messages suppressed.
Feb 23 14:26:19 gestor1 kernel: ip_conntrack: table full, dropping packet.
The server is celeron
2017 Jul 19
3
under some kind of attack
Hi Robert,
On 07/18/2017 11:43 PM, Robert Schetterer wrote:
> i guess not, but typical bots arent using ssl, check it
>
> however fail2ban sometimes is to slow
I have configured dovecot with
auth_failure_delay = 10 secs
I hope that before the 10 sec are over, dovecot will have logged about
the failed login attempt, and fail2ban will have blocked the ip by then.
MJ
2007 Nov 19
15
Unexpected results using HTB qdisc
Hi All,
I am using the script below to limit download rates and manage traffic for a certain IP address and testing the results using iperf. The rate that iperf reports is much higher than the rate I have configured for the HTB qdisc. It''s probably just some newbie trap that''s messing things up but I''m buggered if I can see it.
The following script is run on the
2013 Jun 26
5
[Bug 830] New: 關於iptables影響服務器性能事宜
https://bugzilla.netfilter.org/show_bug.cgi?id=830
Summary: ??iptables?????????
Product: iptables
Version: unspecified
Platform: All
OS/Version: RedHat Linux
Status: NEW
Severity: major
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: higkoohk