On 25-Aug-2010, Florian Weimer wrote:
> Do you use a stateful packet filter (such as Netfilter connection
> tracking), either on the host or in front of it?

The host running BIND doesn't run any packet filter. There is a stateful packet filter on a dedicated gateway router for the network, which is running a custom distribution (I can't install any new packages onto it).

> Do you monitor the number of state table entries (for netfilter,
> that would be /proc/sys/net/netfilter/nf_conntrack_count, I think)?

On the gateway router:

    # cat /proc/sys/net/netfilter/nf_conntrack_count
    cat: /proc/sys/net/netfilter/nf_conntrack_count: No such file or directory

-- 
 \       “Dvorak users of the world flgkd!” —Kirsten Chevalier, |
  `\                                         rec.humor.oracle.d |
_o__)                                                           |
Ben Finney <b...@benfinney.id.au>