server unacessible - apf/ip_conntrack

hello,

our server is continually going unaccessible.

the support where we host told us it is the firewall's iptable being full -- i kinda agree with them -- its logged all over in /var/log/messages

however, why does that ip_conntrack table get full and what is correct solution to this? just increasing ip_conntrack_max limit ?

we increased ip_conntrack_max limit and it seemed to work for a while...today server was unaccessible again... funny is MRTG still show some traffic... they disabled the firewall (cant verify atm) and http seem to work but cant ssh or ftp in.

any ideas ?

if u have any further ideas or experience what else this cud be feel free to PM me... i can pay you if you can help us solve this. please note u wont be given access to server.

thank you.

 

 

 

 

Top