How to limit conntrack sessions

Are you aware that conntrack session exhaustion is usually due to a DDoS? That is, unless you normally have 58,662 active sessions (TCP connections, or UDP dstip, dstport, srcip, srcport tuples).

To limit sessions:

/sbin/sysctl -w net.netfilter.nf_conntrack_max=xxxx

where xxxx is the maximum number of sessions.

To check how many sessions are currently tracked (this value is read-only, so no -w):

/sbin/sysctl net.netfilter.nf_conntrack_count

Use this command to see all of the sessions: cat /proc/net/nf_conntrack
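Before raising the limit, it helps to see how full the table is and whether a few sources hold most of the entries. The script below is an added example, not part of the original article: the function names, the sample entries and the max of 65536 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original article). Sample data below is constructed.

# Percentage of the conntrack table in use.
# $1 = nf_conntrack_count, $2 = nf_conntrack_max
conntrack_usage_pct() {
    [ "$2" -gt 0 ] || return 1
    echo $(( $1 * 100 / $2 ))
}

# Read /proc/net/nf_conntrack-format lines on stdin and print the $1 sources
# holding the most entries, as "<entries> <address>".
top_sources() {
    awk '{
        # The first src= on a line is the originator; the second is the reply side.
        for (i = 1; i <= NF; i++)
            if ($i ~ /^src=/) { n[substr($i, 5)]++; break }
    } END { for (s in n) print n[s], s }' | sort -k1,1nr -k2,2 | head -n "${1:-10}"
}

# Constructed sample entries (documentation address ranges).
sample_table() {
cat <<'EOF'
ipv4     2 tcp      6 52 SYN_RECV src=203.0.113.7 dst=192.0.2.10 sport=40001 dport=80 src=192.0.2.10 dst=203.0.113.7 sport=80 dport=40001 mark=0 zone=0 use=2
ipv4     2 tcp      6 51 SYN_RECV src=203.0.113.7 dst=192.0.2.10 sport=40002 dport=80 src=192.0.2.10 dst=203.0.113.7 sport=80 dport=40002 mark=0 zone=0 use=2
ipv4     2 tcp      6 50 SYN_RECV src=203.0.113.7 dst=192.0.2.10 sport=40003 dport=80 src=192.0.2.10 dst=203.0.113.7 sport=80 dport=40003 mark=0 zone=0 use=2
ipv4     2 tcp      6 431990 ESTABLISHED src=198.51.100.20 dst=192.0.2.10 sport=51000 dport=22 src=192.0.2.10 dst=198.51.100.20 sport=22 dport=51000 [ASSURED] mark=0 zone=0 use=2
ipv4     2 tcp      6 431980 ESTABLISHED src=198.51.100.20 dst=192.0.2.10 sport=51001 dport=443 src=192.0.2.10 dst=198.51.100.20 sport=443 dport=51001 [ASSURED] mark=0 zone=0 use=2
ipv4     2 udp      17 25 src=192.0.2.5 dst=192.0.2.10 sport=33000 dport=53 [UNREPLIED] src=192.0.2.10 dst=192.0.2.5 sport=53 dport=33000 mark=0 zone=0 use=2
EOF
}

# Demo on the sample. On a live host use:
#   conntrack_usage_pct "$(sysctl -n net.netfilter.nf_conntrack_count)" "$(sysctl -n net.netfilter.nf_conntrack_max)"
#   top_sources 10 < /proc/net/nf_conntrack
echo "table usage: $(conntrack_usage_pct 58662 65536)%"   # 65536 is an assumed max
sample_table | top_sources 3
```

A single source holding a large share of the entries, especially in SYN_RECV or UNREPLIED state, points to abuse rather than a limit that is simply too low.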


