[SR-Users] UDP send: Operation not permitted

Sebastian Damm damm at sipgate.de
Wed Sep 16 12:15:08 CEST 2015


On Wed, Sep 16, 2015 at 10:44 AM, Daniel Tryba <d.tryba at pocos.nl> wrote:

> You should look at the OS level, the error is from the kernel.
>

I know, but dmesg, syslog or kernel log don't say anything.


> Are you runing out of sockets/files? It the connection tracker full?
>

The connection tracking table is monitored and never close to full. How
could I check the sockets/files?


> BTW you accept related and new state, this makes no sense, you could just
> as
> well have no rules for the OUTPUT chain (which is much better for
> perfomance).
>

I know. My old hand-written firewall was much smaller and almost stateless.
But according to our administrators policy all firewalls should be
generated by FWbuilder, which generates pretty ugly rules, and also
implicitly injects the related rule. (I'm not really happy with that.)

Sebastian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20150916/497dcef7/attachment.html>


More information about the sr-users mailing list