kernel: nf_conntrack: table full, dropping packet.
13 年 ago jony kernel: nf_conntrack: table full, dropping packet.已关闭评论
[root@ns1-shpbs netfilter]# cat nf_conntrack_max
65536
[root@ns1-shpbs netfilter]# cat nf_conntrack_tcp_timeout_established
432000
nf_conntrack_tcp_timeout_established在默认情况下为 default value is 432000sec ,5 days
[root@dns1 /]# echo 655350 > /proc/sys/net/netfilter/nf_conntrack_max
[root@dns1 /]# echo 10800 > /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_established
# sysctl -a | grep conntrack
# vi /etc/sysctl.conf
net.netfilter.nf_conntrack_tcp_timeout_established = 10800
net.netfilter.nf_conntrack_max = 655350
# sysctl -p
