nf_conntrack: table full, dropping packet
The above in some cases I've seen is a sign of a DOS attack or can occur if users are using services like torrenting, proxy, VPNetc... Do not take it lightly as the above can knock a server offline if the table becomes full and I've also seen full crashes and kernel panics shortly after.
........
This is a very basic method and won't work in all cases but will reduce the chance of torrenting/abuse by your server users.
iptables -A INPUT -p tcp --destination-port 6881:6999 -j REJECT
iptables -A OUTPUT -p tcp --source-port 6881:6999 -j REJECT........
I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find.
yum search ftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirrors.netdna.com
* updates: updates.interworx.info
* addons: yum.singlehop.com
* extras: mirrors.netdna.com
rpmforge........
Problems surfing web/servingI noticed sometimes websites wouldn't load at random through a FreeBSD box and other systems on the same link didn't have the issue. I believe it is because of the low default limit of 128 TCP connections that caused the problem. It would also slow down any traffic that requires many connections such as Bittorrent.
The fix is to increase the amount of connections to at least 1024
Edit [b:520b050d3e]/etc/sysctl.conf[/b:520b05........