On Wednesday 08 September 2004 07:33 am, Josephine wrote:
On Wednesday 08 September 2004 16:46, peter.kanters@nl.abnamro.com wrote:
Dear suse-security list,
I had this problem : kernel: ip_conntrack: table full, dropping packet. I found this solution : sysctl -w net.ipv4.ip_conntrack_max="32768"
After i restart susefirewall2 the value off ip_conntrack_max is back to default 16k . How can i solve this ??
Best regards, Peter.
Hello Peter
echo 32768 > /proc/sys/net/ipv4/ip_conntrack_max
Still, you should consider adding this at your firewall script in /etc/sysconfig/scripts, so it can be loaded automatically after every reboot/flush/etc.
Josephine
Or perhaps finding out why you have this problem in the first place. I've often seen this when there is an infected windows box behind the Linux firewall... -- _____________________________________ John Andersen