ip_conntrack garbage



Yesterday I ran an nmap portscan on our internal network
from our Linux router/firewall (FC4 kernel 2.6.14-1.1653).

Today I was looking in /proc/net/ip_conntrack and saw one
[UNREPLIED] entry for each unsuccessful probe (i.e. one per
internal unallocated IP address) in the table.

Aren't these supposed to go away after a while? They've been
in the conntrack table now for about 22 hours.

Is this a bug?  If they don't go away, will my conntrack table
eventually fill up?

Can I change the timeout value or flush the conntrack table
to clean up the stale entries?

TIA

Jim Garrison
jhg@xxxxxxxxxxxxxxx
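
One way to check whether [UNREPLIED] entries like those described in the post are counting down toward expiry: the third column of each /proc/net/ip_conntrack line is the number of seconds left before the entry is dropped, so two snapshots taken a few seconds apart can be compared. This is an added example, not part of the original post; the snapshot data is constructed and the function names are hypothetical.

```python
import os
import time

# Constructed snapshots in the /proc/net/ip_conntrack layout (not from the post):
# name, protocol number, seconds until expiry, [TCP state], original tuple,
# optional [UNREPLIED], reply tuple, flags, use count.
SNAP_T0 = """\
tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=192.168.1.1 sport=51515 dport=22 src=192.168.1.1 dst=192.168.1.10 sport=22 dport=51515 [ASSURED] use=1
tcp      6 97 SYN_SENT src=192.168.1.1 dst=192.168.1.57 sport=40001 dport=80 [UNREPLIED] src=192.168.1.57 dst=192.168.1.1 sport=80 dport=40001 use=1
icmp     1 29 src=192.168.1.1 dst=192.168.1.58 type=8 code=0 id=4660 [UNREPLIED] src=192.168.1.58 dst=192.168.1.1 type=0 code=0 id=4660 use=1
"""
# Ten seconds later: the ICMP entry has counted down, the TCP entry has not.
SNAP_T1 = """\
tcp      6 431980 ESTABLISHED src=192.168.1.10 dst=192.168.1.1 sport=51515 dport=22 src=192.168.1.1 dst=192.168.1.10 sport=22 dport=51515 [ASSURED] use=1
tcp      6 97 SYN_SENT src=192.168.1.1 dst=192.168.1.57 sport=40001 dport=80 [UNREPLIED] src=192.168.1.57 dst=192.168.1.1 sport=80 dport=40001 use=1
icmp     1 19 src=192.168.1.1 dst=192.168.1.58 type=8 code=0 id=4660 [UNREPLIED] src=192.168.1.58 dst=192.168.1.1 type=0 code=0 id=4660 use=1
"""

def unreplied(text):
    """Return {(proto, original tuple): seconds_left} for [UNREPLIED] entries."""
    entries = {}
    for line in text.splitlines():
        head, marker, _reply = line.partition("[UNREPLIED]")
        fields = head.split()
        if not marker or len(fields) < 4 or not fields[2].isdigit():
            continue  # replied entry, or a line that is not in the expected layout
        # key=value pairs before the marker form the original-direction tuple;
        # per-flow counters change between snapshots, so leave them out of the key.
        tup = " ".join(f for f in fields[3:]
                       if "=" in f and not f.startswith(("packets=", "bytes=")))
        entries[(fields[0], tup)] = int(fields[2])
    return entries

def not_expiring(before, after):
    """Entries present in both snapshots whose timer did not go down.
    A flow refreshed by new packets also shows up here, so take the snapshots
    over an interval in which no probes are being sent."""
    old, new = unreplied(before), unreplied(after)
    return sorted(k for k in old if k in new and new[k] >= old[k])

if __name__ == "__main__":
    path = "/proc/net/ip_conntrack"
    if os.path.exists(path):  # needs root on the router; falls back to the sample
        before = open(path).read(); time.sleep(10); after = open(path).read()
    else:
        before, after = SNAP_T0, SNAP_T1
    for proto, tup in not_expiring(before, after):
        print(proto, tup)
```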