ping报错sendmsg: Operation not permitted

ping报错sendmsg: Operation not permitted

# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.  
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.022 ms  
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.025 ms  
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.027 ms  
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.025 ms  
64 bytes from 127.0.0.1: icmp_seq=5 ttl=64 time=0.025 ms  
64 bytes from 127.0.0.1: icmp_seq=6 ttl=64 time=0.021 ms  
64 bytes from 127.0.0.1: icmp_seq=7 ttl=64 time=0.024 ms  
64 bytes from 127.0.0.1: icmp_seq=8 ttl=64 time=0.025 ms  
ping: sendmsg: Operation not permitted  
64 bytes from 127.0.0.1: icmp_seq=10 ttl=64 time=0.019 ms  
ping: sendmsg: Operation not permitted  
ping: sendmsg: Operation not permitted  
64 bytes from 127.0.0.1: icmp_seq=13 ttl=64 time=0.029 ms  
64 bytes from 127.0.0.1: icmp_seq=14 ttl=64 time=0.018 ms  

查看dmesg

# dmesg
nf_conntrack: table full, dropping packet.  
nf_conntrack: table full, dropping packet.  

nf_conntrack表满导致丢包,删除nf_conntrack模块

# lsmod | grep nf_conntrack
nf_conntrack_ipv4       9506  3 iptable_nat,nf_nat  
nf_conntrack           79357  3 iptable_nat,nf_nat,nf_conntrack_ipv4  
nf_defrag_ipv4          1483  1 nf_conntrack_ipv4  
# rmmod iptable_nat
# rmmod nf_nat
# rmmod nf_conntrack_ipv4
# rmmod nf_conntrack
# lsmod | grep conntrack

网络恢复正常