[plug] TEST (Sorry but it seems there's nothing comming through here)
Andrew Furey
simpware at yahoo.com
Sat Jul 5 20:47:01 WST 2003
> The kernel log showed lots of "ip_conntrack: table
> full, dropping packet." errors, which may have been
> related.
We had that on our main gateway machine a couple of
weeks back, due to a MS-SQL-server DOS of one of our
customers (I would say Slammer, but it was only coming
from a half dozen IPs). This was revealed with
cat /proc/net/ip_conntrack | grep 1433 | wc
or whatever other grepping applies in your case to see
the cause.
We ended up blocking it at the Cisco two hops
upstream, but still had to reboot the machine to clear
the connection table (couldn't find any way to
forcibly clear them otherwise, and new connections
were being dropped by the second...)
Andrew
=====
Linux supports the notion of a command line or a shell for the same
reason that only children read books with only pictures in them.
Language, be it English or something else, is the only tool flexible
enough to accomplish a sufficiently broad range of tasks.
-- Bill Garrett
http://mobile.yahoo.com.au - Yahoo! Mobile
- Check & compose your email via SMS on your Telstra or Vodafone mobile.
More information about the plug
mailing list