The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Error log Drop pocket

Discussion in 'General Discussion' started by mahdy_sharifi, Sep 17, 2014.

  1. mahdy_sharifi

    mahdy_sharifi Well-Known Member

    Joined:
    Feb 26, 2012
    Messages:
    177
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hi :

    Sometimes server gows slow or even down over webserver , after check messages logs following error seeing :

    Code:
    nf_conntrack: table full, dropping packet
    TCP: time wait bucket table overflow
    No any attack on server , I increased nf_conntrack_max but not helpfull.
    but when Iptables stop this problem resolve and server back with good speed

    What is problem ?

    Thank You
     
  2. cPanelPeter

    cPanelPeter Technical Analyst III
    Staff Member

    Joined:
    Sep 23, 2013
    Messages:
    569
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    What happens when you type the following:

    Code:
    netstat -antp | grep TIME_WAIT | wc -l
    
    How many connections were returned?
     
  3. mahdy_sharifi

    mahdy_sharifi Well-Known Member

    Joined:
    Feb 26, 2012
    Messages:
    177
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    netstat -antp | grep TIME_WAIT | wc -l
    4599
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Do you notice any particular output to /usr/local/apache/logs/error_log when this happens?

    Thank you.
     
  5. mahdy_sharifi

    mahdy_sharifi Well-Known Member

    Joined:
    Feb 26, 2012
    Messages:
    177
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    No ... error_log normal.

    when this problem occur I run :
    service iptables stop

    and problem solved , although iptables start again after 5 min , but till 24 hrs no problem occur . (24 hrs till next cpanel update)
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You may want to try installing a third-party firewall such as CSF if your default iptables firewall rules appear to be the cause of the problem.

    Thank you.
     
  7. mahdy_sharifi

    mahdy_sharifi Well-Known Member

    Joined:
    Feb 26, 2012
    Messages:
    177
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I am using CSF !
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page