Never mind. I solved it when I compared these values: cat /proc/sys/net/netfilter/nf_conntrack_count cat /proc/sys/net/netfilter/nf_conntrack_max
I had to increase /proc/sys/net/netfilter/nf_conntrack_max. Sorry for the noise. Vieri ----- Original Message ----- From: Vieri Di Paola <[email protected]> To: "[email protected]" <[email protected]> Cc: Sent: Friday, February 21, 2014 2:38 PM Subject: [Shorewall-users] ping: sendmsg: Operation not permitted Hi, Recently I've been seeing network failures on my shorewall firewall. For no apparent reason (no rules changes - server untouched) some connections started failing. For instance, I can see the following: # ping 10.215.5.95 PING 10.215.5.95 (10.215.5.95) 56(84) bytes of data. ping: sendmsg: Operation not permitted 64 bytes from 10.215.5.95: icmp_req=2 ttl=60 time=3.27 ms 64 bytes from 10.215.5.95: icmp_req=3 ttl=60 time=2.96 ms 64 bytes from 10.215.5.95: icmp_req=4 ttl=60 time=2.63 ms 64 bytes from 10.215.5.95: icmp_req=5 ttl=60 time=3.11 ms 64 bytes from 10.215.5.95: icmp_req=6 ttl=60 time=2.98 ms 64 bytes from 10.215.5.95: icmp_req=7 ttl=60 time=2.44 ms 64 bytes from 10.215.5.95: icmp_req=8 ttl=60 time=2.57 ms 64 bytes from 10.215.5.95: icmp_req=9 ttl=60 time=5.11 ms 64 bytes from 10.215.5.95: icmp_req=10 ttl=60 time=2.67 ms 64 bytes from 10.215.5.95: icmp_req=11 ttl=60 time=2.58 ms 64 bytes from 10.215.5.95: icmp_req=12 ttl=60 time=3.20 ms # shorewall version 4.4.27.3 That looks really odd and tried to shorewall stop ; start ; clear. I also checked the system for rootkits with rkhunter but didn't find anything. The only way I can fix this problem is to reboot the system (after a week or so, it starts failing intermittently again). kernel 2.6.36 Any ideas? I'm not sure a shorewall dump would be useful here but please let me know. Thanks, Vieri ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
