ip_conntrack

I see several of these in my firewall logs:

<snip>
> kernel: ip_conntrack: table full, dropping packet.
> kernel: NET: 50 messages suppressed.
> kernel: ip_conntrack: table full, dropping packet.
>
>  What does this mean?
>
>  Do I have something wrong in my iptables configuration?
>

Apparently your ip_conntrack table is full. You can review your table
with:

# cat /proc/net/ip_conntrack

The max number of connections is set in

# cat /proc/sys/net/ipv4/ip_conntrack_max

You can increase it with:

# echo "some_number" > /proc/sys/net/ipv4/ip_conntrack_max

Which might resolve your problem.


Staf Wagemakers

email:          staf@xxxxxxxxx
homepage:       http://staf.patat.org
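
The checks described in the reply above, as an added example that is not part of the original post: it reports how full the table is against the limit and which source addresses hold the most entries, which helps decide whether raising the limit is the right fix. The function names are hypothetical, the sample lines are constructed, and the classic /proc/net/ip_conntrack line layout is assumed.

```shell
#!/bin/sh
# Added example, not from the post. Default paths are the ones named in the
# post; pass other files as arguments (the demo below uses a constructed sample).

# Print "entries max percent" for a table file and its limit file.
conntrack_usage() {
    table=${1:-/proc/net/ip_conntrack}
    limit=${2:-/proc/sys/net/ipv4/ip_conntrack_max}
    entries=$(awk 'END { print NR }' "$table") || return 1
    max=$(cat "$limit") || return 1
    [ "$max" -gt 0 ] 2>/dev/null || return 1
    echo "$entries $max $((entries * 100 / max))"
}

# Print "count address" for the N busiest sources (original direction only:
# the first src= field on each line).
conntrack_top_sources() {
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^src=/) { seen[substr($i, 5)]++; break } }
         END { for (a in seen) print seen[a], a }' "${1:-/proc/net/ip_conntrack}" |
        sort -k1,1nr -k2,2 | head -n "${2:-5}"
}

# Succeed while usage is below THRESHOLD percent (default 80).
conntrack_below() {
    usage=$(conntrack_usage "$2" "$3") || return 2
    [ "${usage##* }" -lt "${1:-80}" ]
}

# Constructed sample in the assumed ip_conntrack line format.
conntrack_sample() {
    cat <<'EOF'
tcp      6 431999 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=40001 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=40001 [ASSURED] use=1
tcp      6 110 TIME_WAIT src=192.0.2.10 dst=198.51.100.5 sport=40002 dport=80 src=198.51.100.5 dst=192.0.2.10 sport=80 dport=40002 [ASSURED] use=1
udp      17 25 src=192.0.2.20 dst=198.51.100.53 sport=5353 dport=53 [UNREPLIED] src=198.51.100.53 dst=192.0.2.20 sport=53 dport=5353 use=1
tcp      6 56 SYN_SENT src=192.0.2.10 dst=198.51.100.9 sport=40003 dport=443 [UNREPLIED] src=198.51.100.9 dst=192.0.2.10 sport=443 dport=40003 use=1
EOF
}

# Demo on the sample with a constructed limit of 5 entries.
demo=$(mktemp -d) && conntrack_sample > "$demo/table" && echo 5 > "$demo/max"
conntrack_usage "$demo/table" "$demo/max"
conntrack_top_sources "$demo/table" 2
conntrack_below 80 "$demo/table" "$demo/max" || echo "conntrack table at or above 80% of its limit"
rm -rf "$demo"
```

On a live firewall, call the functions without file arguments to read the /proc paths from the post. A single source holding most of the entries points at that host rather than at the limit.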