Ricardo Kleemann wrote:
> Thanks Erich.
>
>> These two links may help:
>>
>> http://osdir.com/ml/linux.leaf.user/2005-04/msg00089.html
>>
>> http://www.wallfire.org/misc/netfilter_conntrack_perf.txt
>>
>
> Those links show how to change the conntrack_max. But my problem is
> really trying to prevent the table from filling up. I'm sure that the
> leaf box is getting flooded and I'm trying to see how to best handle it.
>
> My box has only 64M of memory, the conntrack_max is already set to 4096,
> I've had to temporarily increase that so the table doesn't fill up
> quickly, but it will still fill up.

You could look into the shorewall statistics to see which chains fill up
rapidly. If you differentiate between a number of protocols you can
probably see which protocol is the one most likely to be hit.

You can set a connection rate on all the traffic you accept. The
shorewall docs may help.

I suggest in the medium term to upgrade as more recent shorewall
versions may have even better diagnostics.

cheers

Erich

-------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/
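
Alongside the per-chain statistics suggested in the reply, the conntrack table itself can be broken down by protocol and source to see what is filling it. The script below is an added example, not part of the original thread; it assumes the /proc/net/ip_conntrack text format, and the function names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise a conntrack dump to see what is filling the table.
# Assumption: input uses the /proc/net/ip_conntrack text format.

# Count entries per protocol and TCP state (non-TCP entries get state "-").
conntrack_by_proto() {
    awk '{ state = ($1 == "tcp") ? $4 : "-"; n[$1 " " state]++ }
         END { for (k in n) print n[k], k }' | sort -k1,1nr -k2
}

# Top N original-direction sources; the first src= field on a line is the
# initiator, the second src= belongs to the expected reply.
conntrack_top_sources() {
    awk '{ for (i = 1; i <= NF; i++)
               if ($i ~ /^src=/) { n[substr($i, 5)]++; break } }
         END { for (k in n) print n[k], k }' |
        sort -k1,1nr -k2 | head -n "${1:-5}"
}

# Constructed sample entries (documentation addresses), not real traffic.
sample_conntrack() {
    cat <<'EOF'
tcp      6 55 SYN_RECV src=198.51.100.7 dst=203.0.113.1 sport=1025 dport=25 src=203.0.113.1 dst=198.51.100.7 sport=25 dport=1025 use=1
tcp      6 54 SYN_RECV src=198.51.100.7 dst=203.0.113.1 sport=1026 dport=25 src=203.0.113.1 dst=198.51.100.7 sport=25 dport=1026 use=1
tcp      6 53 SYN_RECV src=198.51.100.7 dst=203.0.113.1 sport=1027 dport=25 src=203.0.113.1 dst=198.51.100.7 sport=25 dport=1027 use=1
tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=192.0.2.80 sport=40000 dport=80 src=192.0.2.80 dst=192.168.1.10 sport=80 dport=40000 [ASSURED] use=1
udp      17 20 src=192.168.1.10 dst=192.0.2.53 sport=1030 dport=53 [UNREPLIED] src=192.0.2.53 dst=192.168.1.10 sport=53 dport=1030 use=1
udp      17 25 src=192.168.1.11 dst=192.0.2.53 sport=1031 dport=53 src=192.0.2.53 dst=192.168.1.11 sport=53 dport=1031 use=1
EOF
}

echo "entries per protocol/state:"
sample_conntrack | conntrack_by_proto
echo "top sources:"
sample_conntrack | conntrack_top_sources 3
```

On the firewall itself, feed the live table in with `conntrack_by_proto < /proc/net/ip_conntrack`; a row or source that dominates the counts shows which accepted traffic to rate-limit first.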