On Mon, Oct 21, 2002 at 08:16:44PM +0200, Stephan von Krawczynski wrote:
> Hello all,
Hi Stephan. Don't know if you remember me, but we've met at some IN e.V.
meetings in the past ;)
> After several days running kernel 2.4.20-pre7 I came across the syslogged
> message:
>
> kernel: ip_conntrack: table full, dropping packet.
>
> This box runs about 10 rules for destination nat. My simple question:
> is this a bug, or a need to tune something? If it is a bug, is there a
> later kernel that has it fixed?
it's not about the number of NAT rules, but the number of connections
going on through your machine.
the FAQ (to be found at www.netfilter.org) describes how to raise the
number of connection tracking table entries.
> Regards,
> Stephan
-- Live long and prosper - Harald Welte / laforge@gnumonks.org http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M- V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*) - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:58 EST