UTM Firewall

Network Protection: Firewall, NAT, QoS, & IPS /proc/sys/net/ipv4/ip_conntrack_max ?

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 2 replies
Subscribers 2 subscribers
Views 3003 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

/proc/sys/net/ipv4/ip_conntrack_max ?

vogno over 22 years ago

/proc/sys/net/ipv4/ip_conntrack_max could be changed?
sometime one of firewall reaches the count of 32000
(/proc/sys/net/ipv4/ip_conntrack_max).

So kernel log says that
Jul 22 15:02:43 (none) kernel: ip_conntrack: table full, dropping packet.

As other normal linux box, max count could be changed to
process much more connections?

Thanks in advance.

This thread was automatically locked due to age.

0 andreas over 22 years ago

Thats a licensincing limitation. Buy a bigger license if you need more concurrent connections :-)

Greets,
andreas
Cancel
Vote Up 0 Vote Down

Cancel
0 gnujuba over 22 years ago

look at this:

http://www.netfilter.org/documentation/FAQ/netfilter-faq-3.html#ss3.6
Cancel
Vote Up 0 Vote Down

Cancel