Gargoyle Forum

Hi, guys.

I recently installed gargoyle 1.7.2 on my new Netgear WNDR4300. Everything seems to be fine. But the syslogs keeps showing things like this:

Fri Aug 14 15:41:14 2015 kern.warn kernel: [58926.650000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:14 2015 kern.warn kernel: [58926.660000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:14 2015 kern.warn kernel: [58926.660000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:19 2015 kern.warn kernel: [58932.100000] net_ratelimit: 83 callbacks suppressed
Fri Aug 14 15:41:19 2015 kern.warn kernel: [58932.100000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:19 2015 kern.warn kernel: [58932.640000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:20 2015 kern.warn kernel: [58932.730000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:20 2015 kern.warn kernel: [58932.760000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:23 2015 kern.warn kernel: [58935.780000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:23 2015 kern.warn kernel: [58936.330000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:23 2015 kern.warn kernel: [58936.330000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:23 2015 kern.warn kernel: [58936.350000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:23 2015 kern.warn kernel: [58936.520000] nf_conntrack: table full, dropping packet
Fri Aug 14 15:41:23 2015 kern.warn kernel: [58936.540000] nf_conntrack: table full, dropping packet

What is this nf_conntrack? I have a NAS running transmission 24*7. Is it possible the warns are cause by large amounts of UDP requests?
What should I do to fix it?

Thanks a lot.

Yea I think that flooding is probably causing you an issue.
You're hitting the limit specified on "Firewall - Connection Limits". You can increase this number at the expense of memory/performance.
If you set it too high your router will probably run out of memory and eventually grind to a halt (requiring a reboot).


Your other option would be to drop the timeouts for them to kick off old connections quicker.

Lantis wrote:Yea I think that flooding is probably causing you an issue.
You're hitting the limit specified on "Firewall - Connection Limits". You can increase this number at the expense of memory/performance.
If you set it too high your router will probably run out of memory and eventually grind to a halt (requiring a reboot).


Your other option would be to drop the timeouts for them to kick off old connections quicker.

Thanks for the reply.

I am now setting the connection limits at 12000. What number is adequate for wndr4300 anyway?

And about the other option, how would I do that?

Hard to say for sure sorry mate.

I think you'll hit the limit of your cpu speed far before you hit 12000 connections but who knows.

The two options below that are the timeout required before the connection is dropped from the table.
I think they are in seconds? So 600 is 10 minutes.
You could try halving them or whatever seems appropriate.
Ultimately you're experimenting here and you might find it helps or doesn't, or it helps to a certain point.

Lantis wrote:Hard to say for sure sorry mate.

I think you'll hit the limit of your cpu speed far before you hit 12000 connections but who knows.

The two options below that are the timeout required before the connection is dropped from the table.
I think they are in seconds? So 600 is 10 minutes.
You could try halving them or whatever seems appropriate.
Ultimately you're experimenting here and you might find it helps or doesn't, or it helps to a certain point.

Ya I think I have a long way to go trying these numbers.
So what if I just ignore the flooding message? What would happen then?

thinking out loud

"you tell us"

Well, I changed the max connection limit to 8192 and udp timeout to 480 and have been observing the syslogs for 2 days. Everything seems to be fine.
Thanks everyone.