Hello linuxers,
Gotta a problem. I have RH= L 9.0 installed with a customized iptables filter+ squid proxy running on i= t.This linux box is natting a few ports into the internal netwk. where I ha= ve my web server+ mail server installed. Now the PROBLEM is that, I keep ge= tting an error "ip_conntrack table full dropping packets" and the= n the internet connection speed on the clients drops like anything although I have a leased line here. I have googled bout the problem, it seems that = the 2.4.20 kernel has this vulnerability. I have downloaded 2.4.24.tar.bz2 = kernel. But, I want to make sure whether installing this new kernel will so= lve the problem ??? If any1 could give me an alternative or guide me = how to go about installing this kernel without errors, I would gr8ly apprec= iate it.
Regards,
Abdul.
(Promoting Linux u= sage in the Middle East)
~Abdul Azim~
[1] [adstream_nx=] =
References
echo 32768 > /proc/sys/net/ipv4/ip_conntrack_max
Amitay.
On Tue, 2004-06-29 at 11:11, Abdul wrote:
Hello linuxers,
Gotta a problem. I have RH= L 9.0 installed with a customized iptables filter+ squid proxy running on i= t.This linux box is natting a few ports into the internal netwk. where I ha= ve my web server+ mail server installed. Now the PROBLEM is that, I keep ge= tting an error "ip_conntrack table full dropping packets" and the= n the internet connection speed on the clients drops like anything although I have a leased line here. I have googled bout the problem, it seems that = the 2.4.20 kernel has this vulnerability. I have downloaded 2.4.24.tar.bz2 = kernel. But, I want to make sure whether installing this new kernel will so= lve the problem ??? If any1 could give me an alternative or guide me = how to go about installing this kernel without errors, I would gr8ly apprec= iate it.
Regards,
Abdul.
(Promoting Linux u= sage in the Middle East)
~Abdul Azim~
[1] [adstream_nx=] = =0A
References
Amitay.
-
Abdul -
Amitay Isaacs