ip_conntrack: table full, dropping packet.
Roman Kolasiewicz
rkolasiewicz w excellent.com.pl
Wto, 3 Lut 2004, 08:08:21 CET
Witam,
Monday, February 2, 2004, 11:47:54 PM, Arkadiusz Chomicki wrote:
> czy to znaczy ze connlimit to to samo co iplimit?
Wedlug pomocy tak:
<------>
(AC)
[root w xenon root]# iptables -A FORWARD -p tcp -m connlimit -h
iptables v1.2.9-20031209
(...)
connlimit v1.2.9-20031209 options:
[!] --connlimit-above n match if the number of existing tcp
connections is (not) above n
--connlimit-mask n group hosts using mask
(RA)
[root w 3net /root]# iptables -A FORWARD -p tcp -m iplimit -h
iptables v1.2.7a
(...)
iplimit v1.2.7a options:
[!] --iplimit-above n match if the number of existing tcp
connections is (not) above n
--iplimit-mask n group hosts using mask
<------>
> bo przeczytalem cos takiego w specu kernela
> # ALWAYS use released patchomatic tarball (don't use CVS)
> # DO NOT include patches from patch-o-matic/userspace since they cause iptables incompatibilities
Nie rozumiem jak to sie ma do connlimit/iplimit
--
Best regards,
Roman
Więcej informacji o liście dyskusyjnej pld-users-pl