[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Tor and iptables
On Fri, 15 Sep 2006, gabrix wrote:
> > Sep 15 09:43:58 argo kernel: ip_conntrack: table full, dropping packet.
> > Sep 15 09:43:58 argo kernel: ip_conntrack: table full, dropping packet.
> > Sep 15 09:43:58 argo kernel: ip_conntrack: table full, dropping packet.
.) cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
.) note number. multiply by 2 or 4 or whatever seems like a good measure
.) echo $newnumber > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
On my machines ip_conntrack_max is between 8 and 64k. Something around
30k should be way enough.