How to limit conntrack sessions

Conntrack session exhaustion is usually due to a DDoS, unless you normally have 58,662 active sessions (TCP connections, or UDP dstip, dstport, srcip, srcport tuples).

To limit sessions:

/sbin/sysctl -w net.netfilter.nf_conntrack_max=xxxx

xxxx = the maximum number of sessions to track

To check how many sessions are currently tracked (this value is read-only, so no -w):

/sbin/sysctl net.netfilter.nf_conntrack_count

Use this command to see all of the sessions: cat /proc/net/nf_conntrack
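
To tell a flood from normal load, compare the count against the maximum and see which source addresses hold the most entries. The script below is an added example, not part of the original article; the function names, the WARN_PCT threshold and the sample entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original article). Function names, WARN_PCT and
# the sample entries are assumptions constructed for illustration.

# usage_pct COUNT MAX: integer percentage of the conntrack table in use.
usage_pct() {
    echo $(( $1 * 100 / $2 ))
}

# top_sources [N]: read nf_conntrack-format lines on stdin and print
# "entries source-ip" for the N busiest sources. Each entry has two src=
# fields (original and reply direction); only the first one is counted.
top_sources() {
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^src=/) { n[substr($i, 5)]++; break } }
         END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2 | head -n "${1:-5}"
}

# Constructed sample in /proc/net/nf_conntrack layout (documentation addresses).
sample_conntrack() {
    cat <<'EOF'
ipv4     2 tcp      6 58 SYN_RECV src=203.0.113.7 dst=198.51.100.5 sport=40001 dport=80 src=198.51.100.5 dst=203.0.113.7 sport=80 dport=40001 mark=0 use=1
ipv4     2 tcp      6 57 SYN_RECV src=203.0.113.7 dst=198.51.100.5 sport=40002 dport=80 src=198.51.100.5 dst=203.0.113.7 sport=80 dport=40002 mark=0 use=1
ipv4     2 tcp      6 56 SYN_RECV src=203.0.113.7 dst=198.51.100.5 sport=40003 dport=80 src=198.51.100.5 dst=203.0.113.7 sport=80 dport=40003 mark=0 use=1
ipv4     2 tcp      6 431990 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=51234 dport=22 src=198.51.100.5 dst=192.0.2.10 sport=22 dport=51234 [ASSURED] mark=0 use=1
ipv4     2 udp      17 25 src=192.0.2.44 dst=198.51.100.5 sport=5353 dport=53 [UNREPLIED] src=198.51.100.5 dst=192.0.2.44 sport=53 dport=5353 mark=0 use=1
EOF
}

# report: print live usage and, above WARN_PCT percent, the busiest sources.
report() {
    count=$(cat /proc/sys/net/netfilter/nf_conntrack_count) || return 1
    max=$(cat /proc/sys/net/netfilter/nf_conntrack_max) || return 1
    pct=$(usage_pct "$count" "$max")
    echo "conntrack: $count/$max entries (${pct}%)"
    if [ "$pct" -ge "${WARN_PCT:-80}" ]; then
        echo "WARNING: table above ${WARN_PCT:-80}% full, busiest sources:"
        top_sources 5 < /proc/net/nf_conntrack
    fi
}

# Query the live system only when asked: sh conntrack_check.sh --live
if [ "${1:-}" = "--live" ]; then report; fi
```

Reading /proc/net/nf_conntrack requires root, so run the --live mode with root privileges.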


