On Fri, Oct 7, 2011 at 5:14 PM, atadmin <nginx-forum@nginx.us> wrote:

> I tested with this flag enable and disables and the result is the same,
> now is disables because was the las test. Iptables is not enabled for
> the test.
>
>
Just confirming you actively removed the nf_conntrack modules. My boxes have
logged conntrack rules warnings in syslog, so if you're not seeing them,
then it's probably not your problem anyway.

My box with connection track is still tracking even though my iptables is
stopped:
[root@bf1 ~]# service iptables stop
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
[root@bf1 ~]# lsmod | grep nf_conn
nf_conntrack_ipv6 19655 2
nf_conntrack 79643 2 nf_conntrack_ipv6,xt_state
ipv6 321509 28 ip6t_REJECT,nf_conntrack_ipv6
[root@bf1 ~]# cat /proc/sys/net/netfilter/nf_conntrack_count
2

My box with connection track removed:
[brad@cache1 ~]$ cat /proc/sys/net/netfilter/nf_conntrack_count
cat: /proc/sys/net/netfilter/nf_conntrack_count: No such file or directory

Connection tracking probably isn't your issue, but for completeness sake,
just confirming.

--
Bradley Falzon
brad@teambrad.net
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx