From: | Adam Carter <Adam.Carter@×××××××××.au> | ||
---|---|---|---|
To: | "gentoo-user@l.g.o" <gentoo-user@l.g.o> | ||
Subject: | RE: [gentoo-user] Gentoo router: Conntrack table full | ||
Date: | Tue, 25 Mar 2008 06:15:17 | ||
Message-Id: | 707E41AE68E444499861C6B248AB8684533A9D14FC@excprdmbxw002.optus.com.au | ||
In Reply to: | Re: [gentoo-user] Gentoo router: Conntrack table full by Mike Williams |
1 | The contents of the connection table is in |
2 | /proc/net/ip_conntrack |
3 | |
4 | Example: |
5 | tcp 6 65 TIME_WAIT src=192.168.1.4 dst=20.x.y.40 sport=4986 dport=80 src=207.46.109.40 dst=192.168.1.4 sport=80 dport=4986 [ASSURED] mark=0 use=1 |
6 | |
7 | So go nuts with grep/awk/sed/sort/uniq etc to find what is consuming all the connections. |
8 | |
9 | +1 for what Mike said about dropping the timeouts to something more sensible. FWIW Checkpoint uses a default TCP timer of 1 hour. Use 4 hours to be conservative. |
10 | -- |
11 | gentoo-user@l.g.o mailing list |