I fixed an error on one server once, read my article about it How to fix the error “nf_conntrack: table full, dropping package”
And there was an idea to control nf_conntrack in Zabbix.
View the current value and the maximum can be commands:
cat /proc/sys/net/netfilter/nf_conntrack_count
cat /proc/sys/net/netfilter/nf_conntrack_max
cat /sys/module/nf_conntrack/parameters/hashsize
Opened the configuration file Zabbix agent in a text editor:
nano /etc/zabbix/zabbix_agentd.conf
And he added a couple of lines at the end:
UserParameter=nf_conntrack_count,cat /proc/sys/net/netfilter/nf_conntrack_count
UserParameter=nf_conntrack_max,cat /proc/sys/net/netfilter/nf_conntrack_max
UserParameter=hashsize,cat /sys/module/nf_conntrack/parameters/hashsize
Restart the Zabbix agent to apply the changes:
sudo /etc/init.d/zabbix-agent restart
Now you can create a template on the Zabbix server (for example, with the name “TemplateName”), create the data elements in it: nf_conntrack_count and nf_conntrack_max.
Create a graph for the created data items.
You can create a trigger such as an expression (it will work when the current value of nf_conntrack exceeds 3100000):
{TemplateName:nf_conntrack_count.last(0)}>3100000
Apply the template to the desired nodes of the network.
Done.