I understand you.
Could you at least tell me what to search for in my log files ?
I need to solve this problem but I don't know even the root cause now.
if it is not the table size, what else could it be ?
________________________________
Kimden: Tom Eastep [mailto:[email protected]]
Gönderilmiş: Pzt 06.04.2009 20:50
Kime: Shorewall Users
Konu: Re: [Shorewall-users] YNT: YNT: YNT: connection tracking problem
İlker Aktuna (Koç.net) wrote:
> I found this document:
> http://www.wallfire.org/misc/netfilter_conntrack_perf.txt
>
> But I am not sure which value to set. My current values are:
>
> [trixbox1.localdomain log]# cat
> /proc/sys/net/ipv4/netfilter/ip_conntrack_max
> 16384
> [trixbox1.localdomain log]# cat
> /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets
> 2048
>
> What would be a good setting ?
>
> And can I set it anytime ? Or should I set it when booting ?
It strikes me that if you aren't seeing allocation failures, there is no
point in changing the table settings. If you search the web for
'conntrack_max', you should find lots of info about the conntrack table.
To help you any further, I would have to do research on the web myself
then pass the information on to you. That isn't good use of my time.
_____________________________________________________________________________________________________________________________________________
Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu
e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde
kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini
kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz.
Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz,
yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi
anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta
mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus
icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir
sorumlulugu kabul etmez.
This message is intended solely for the use of the individual or entity to whom
it is addressed , and may contain confidential information. If you are not the
intended recipient of this message or you receive this mail in error, you
should refrain from making any use of the contents and from opening any
attachment. In that case, please notify the sender immediately and return the
message to the sender, then, delete and destroy all copies. This e-mail
message, can not be copied, published or sold for any reason. This e-mail
message has been swept by anti-virus systems for the presence of computer
viruses. In doing so, however, sender cannot warrant that virus or other forms
of data corruption may not be present and do not take any responsibility in any
occurrence.
_____________________________________________________________________________________________________________________________________________
------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
