Tor and iptables
Peter Palfrader
peter at palfrader.org
Fri Sep 15 13:17:14 UTC 2006
On Fri, 15 Sep 2006, gabrix wrote:
> > Sep 15 09:43:58 argo kernel: ip_conntrack: table full, dropping packet.
> > Sep 15 09:43:58 argo kernel: ip_conntrack: table full, dropping packet.
> > Sep 15 09:43:58 argo kernel: ip_conntrack: table full, dropping packet.
.) cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
.) note number. multiply by 2 or 4 or whatever seems like a good measure
.) echo $newnumber > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
On my machines ip_conntrack_max is between 8 and 64k. Something around
30k should be way enough.
More information about the tor-talk
mailing list