The support where we host told us it is the firewall's iptable being full -- I kinda agree with them -- it's logged all over in /var/log/messages.
However, why does that ip_conntrack table get full, and what is the correct solution to this? Just increasing the ip_conntrack_max limit?
We increased the ip_conntrack_max limit and it seemed to work for a while... today the server was inaccessible again... funny thing is MRTG still shows some traffic... they disabled the firewall (can't verify atm) and http seems to work, but I can't ssh or ftp in.
Any ideas?
If you have any further ideas or experience of what else this could be, feel free to PM me... I can pay you if you can help us solve this. Please note you won't be given access to the server.
Steven Ciaburri | Industry's Best Server Management- Rack911.com
Thx. Yep, we've increased that along with /proc/sys/net/ipv4/ip_conntrack_max -- though I think apf changes this according to its setting.
Atm there seems to be another problem: I'm unable to log in, and via whm it shows server load 620 (heh), though access to ftp/whm/http is fast. But I am not able to verify via top. Processes shown in whm are the usual ones; none show any big cpu load. However, there are hundreds of CROND... will look after this... maybe this is something you know about?