Category Archives: Network

iptables connection tracking table full

I’ve recently experienced that my workstation (Ubuntu Jaunty Jackalope, 9.04, x86_64) “hangs” periodically when my internet browser, Mozilla Firefox, has a lot of active tabs.
In my case I had > 100 active tabs in more than 20 windows. I know I should have closed some of them but that is not an option right now.

The problem reveiled itself doing a dmesg on my workstation

# dmesg

[1737157.057528] nf_conntrack: table full, dropping packet.
[1737157.160357] nf_conntrack: table full, dropping packet.
[1737157.260534] nf_conntrack: table full, dropping packet.
[1737157.361837] nf_conntrack: table full, dropping packet.
[1737157.462305] nf_conntrack: table full, dropping packet.
[1737157.564270] nf_conntrack: table full, dropping packet.
[1737157.666836] nf_conntrack: table full, dropping packet.
[1737157.767348] nf_conntrack: table full, dropping packet.
[1737157.868338] nf_conntrack: table full, dropping packet.
[1737157.969828] nf_conntrack: table full, dropping packet.
[1737162.214064] __ratelimit: 53 callbacks suppressed

This bahaviour looks like Denial-Of-Service and is caused by a full iptables connection_table.

The default size of the iptables connection tracing table is

# cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max
65536

The solution I went for was to double the size of connection table to 131072 and restarted firefox.

# echo "131072" > /proc/sys/net/ipv4/netfilter/ip_conntrack_max

This value is a 32-bit integer so the table size can be quite large and you will need much more RAM before you can use this size.

To make this solution permanent I added the following line to /etc/sysctl.conf

net.ipv4.netfilter.ip_conntrack_max = 131072

You can test this by executing the following command

# sysctl -p
131072

This command loads the /etc/sysctl.conf settings.

Search Wikipedia using the command line

This post describes how you can search Wikipedia from the command line using a DNS tool like nslookup in Windows or dig in linux.
Handy if you don’t wan’t to open a Internet browser to do a simple Wikipedia query.

Windows
This is how it’s done in Windows

  1. Choose Start -> Run
  2. Write “cmd” and press OK
  3. Write “nslookup” and press ENTER
  4. Write “set type=txt” and press ENTER
  5. Write <topic>.wp.dg.cx and press ENTER

Using linux
This is how it’s done from a console window in linux

# dig +short txt search_keyword.wp.dg.cx

Example

# dig +short txt oslo.wp.dg.cx
"(formerly Christiania) is the capital and largest city in Norway. Metropolitan Oslo or the Greater Oslo Region makes up the third largest urban area in Scandinavia after Metropolitan Stockholm and Metropolitan Copenhagen. http://en.wikipedia.org/wiki/Oslo"

Source: http://lifehacker.com/5329014/search-wikipedia-from-the-command-line

HowTo use lftp as a sftp client

lftp is a file transfer program that allows sophisticated ftp, http and other connections to other hosts. If site is specified then lftp will connect to that site otherwise a connection has to be established with the open command.

Basic usage

  • lftp sftp://[domain name]
  • lftp sftp://example.com

Use a different user name than the one you are currently using

  • lftp sftp://[user name]@[domain name]
  • lftp sftp://username@example.com

Use a different port and different user name

  • lftp sftp://[user name]@[domain name]:[port number]
  • lftp sftp://userName@example.com:2222

Recursive download/upload

lftp> mirror directory_to_download
lftp> mirror -R directory_to_upload

For more lftp options type the following command in a console window

# man lftp

Using DynDNS to access a server with dynamic IP-addresses

This post describes how you can access your server using a host name instead of the dynamic IP addresses (from DHCP) it has assigned at the moment. I’m going to describe how to use DynDNS, but this also applies to other services like EasyDNS, DSLreports.com and ZoneEdit. This tutorial has been tested on my Ubuntu 9.04 home server. You need to create an account at DynDNS if you are planning to to this.

First you have to install the ddclient package and in debian and Ubuntu you run the command

# aptitude install ddclient

To reconfigure ddclient

# dpkg-reconfigure ddclient

You should validate the config file /etc/ddclient.conf to make sure your settings are right.
This is the content of my config file

# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf

pid=/var/run/ddclient.pid
protocol=dyndns2
use=if, if=eth2
server=members.dyndns.org
login=username
password='mysecretpassword'
hostname.dyndns.org

You can see that I user network interface eth2 as my internet connection and my login and password is the information I registered at DynDNS.com

Restart the ddclient daemon if you do any changes to the config file

# /etc/init.d/ddclient restart

You are now able to connect to your server using the hostname you defined in the server line in the config file, in my case hostname.dyndns.org

Howto install Skype on a 64bit Ubuntu 9.04

This post describes how to install Skype, the popular VOIP and video conference program on a 64bit Ubuntu 9.04 (Jauty Jackalope) system.

# sudo apt-get install ia32-libs lib32asound2 libqt4-core libqt4-gui 
# wget -O skype-install.deb http://www.skype.com/go/getskype-linux-ubuntu
# sudo dpkg -i --force-architecture skype-install.deb

The application should now be located under Applications -> Internet -> Skype.