This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XT_HASHLIMIT reached? Drops almost all connections..

I am having an issue. Apparently we have times when we get a SYN flood perhaps or something and then get the following errors:


2013:01:27-12:18:13 asg1-1 kernel: [235864.124073] xt_hashlimit: max count of 65536 reached

2013:01:27-12:18:13 asg1-1 kernel: [235864.124151] xt_hashlimit: max count of 65536 reached

2013:01:27-12:18:13 asg1-1 kernel: [235864.124170] xt_hashlimit: max count of 65536 reached

2013:01:27-12:18:13 asg1-1 kernel: [235864.124280] xt_hashlimit: max count of 65536 reached

2013:01:27-12:18:18 asg1-1 kernel: [235869.128122] net_ratelimit: 218489 callbacks suppressed

2013:01:27-12:18:18 asg1-1 kernel: [235869.128126] xt_hashlimit: max count of 65536 reached

The most apparent one that over fills our Kernel log is the xt_hashlimit reached. When this happens the firewall begins to drop any new connections. Today it persisted for about 30 minutes and then auto resolved itself.

I'm still investigating whether this has to do with a SYN flood attack or something else.

Can anyone explain to me what the xt_hashlimit actually is? Is there any way of raising that 65536 # to something higher?

This thread was automatically locked due to age.

Parents

0 William Warren over 12 years ago

is this a utm/astaro box? if so get astaro support involved pronto.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 William Warren over 12 years ago

is this a utm/astaro box? if so get astaro support involved pronto.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data