Board index FIREWALL IPTABLES

kernel: ip_conntrack: table full, dropping packet.

Postby a24uall » Sun Nov 04, 2012 3:52 pm

Getting the below messages in /var/log/messages

Mar 4 08:09:41 server kernel: ip_conntrack: table full, dropping packet.


Solution:

You might need to increase the ip_conntrack_max value.

To check the current value of "ip_conntrack_max"

cat /proc/sys/net/ipv4/ip_conntrack_max

How to increase the value???

cp -ar /etc/sysctl.conf /etc/sysctl.conf.bak
vi /etc/sysctl.conf

Add or edit the field below and give the appropriate value
net.ipv4.netfilter.ip_conntrack_max = 131072

Tested with 131072 and when I received error with 65536 and it fixed
Arun
WebhostingDevelopment.com
a24uall
Site Admin
 
Posts: 166
Joined: Sun Jul 01, 2012 9:07 am

Return to IPTABLES

Who is online

Users browsing this forum: No registered users and 1 guest


cron