Maybe you could set up a rule to log all IP packets coming into your machine - then check the log file for any suspicious looking IP addresses - eg loads of duff packets from the same IP. Or, are you under a DDoS attack? HTH - Keith http://www.karsites.net/ SPDTool - an idea for a structured open source development CASE tool. Find out more at the above link! On Fri, 25 Feb 2005, Andreas Kunberger wrote:
To: suse-security@suse.com From: Andreas Kunberger <lise@itv-denkendorf.de> Subject: Re: [suse-security] still have problems with "kernel: ip_conntrack: table full, dropping packet."
On 24 Feb 2005 at 17:10, Sandu Mihai wrote:
I have tryied to bump up the conntrack table size using /etc/sysctl.conf and boot.sysctl, it had no effect whatsoever. The system in question is a SuSE 9.2 Proffesional with the latest patches applied.
My be you should try to cat /proc/net/ip_conntrack and investigate why it gets filled. Perhaps by a virus, a port scan or like from internal.
mfg Andreas Kunberger ITV Denkendorf
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here