i just got a 'ip_conntrack: table full, dropping packet' because a p2p-application ran amok. i've killed the process but /proc/net/ip_conntrack still got more than 7000 (now stale) entries of 8184 max. since the table is now after ~70 minutes down to 6995 entries, i wonder if i can flush this table manually. the entries in there look like
tcp 6 155674 ESTABLISHED src=x.x.x.x dst=y.y.y.y sport=1234 dport=5678 src=y.y.y.y dst=x.x.x.x sport=5678 dport=1234 [ASSURED] use=1
and if i get ip_conntrack_proto_tcp.c right, the default timeout for ESTABLISHED is 5 days. but i dont want to wait that long :(
Patrick
_______________________________________________
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
- Re: [LARTC] flush ip_conntrack table manually? Patrick Nagelschmidt
- Re: [LARTC] flush ip_conntrack table manually... Jose Luis Domingo Lopez
