On Fri, Oct 7, 2011 at 5:14 PM, atadmin <span dir="ltr"><<a href="mailto:nginx-forum@nginx.us">nginx-forum@nginx.us</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
I tested with this flag enable and disables and the result is the same,<br>
now is disables because was the las test. Iptables is not enabled for<br>
the test.<br clear="all"><br></blockquote></div><br>Just confirming you actively removed the nf_conntrack modules. My boxes have logged conntrack rules warnings in syslog, so if you're not seeing them, then it's probably not your problem anyway. <br>
<br>My box with connection track is still tracking even though my iptables is stopped:<br>[root@bf1 ~]# service iptables stop<br>iptables: Flushing firewall rules: [ OK ]<br>iptables: Setting chains to policy ACCEPT: filter [ OK ]<br>
iptables: Unloading modules: [ OK ]<br>[root@bf1 ~]# lsmod | grep nf_conn<br>nf_conntrack_ipv6 19655 2 <br>nf_conntrack 79643 2 nf_conntrack_ipv6,xt_state<br>ipv6 321509 28 ip6t_REJECT,nf_conntrack_ipv6<br>
[root@bf1 ~]# cat /proc/sys/net/netfilter/nf_conntrack_count<br>2<br><br>My box with connection track removed:<br>[brad@cache1 ~]$ cat /proc/sys/net/netfilter/nf_conntrack_count<br>cat: /proc/sys/net/netfilter/nf_conntrack_count: No such file or directory<br>
<br>Connection tracking probably isn't your issue, but for completeness sake, just confirming. <br clear="all"><br>-- <br>Bradley Falzon<br><a href="mailto:brad@teambrad.net" target="_blank">brad@teambrad.net</a><br>