Phil Oester wrote:
On Mon, May 02, 2005 at 11:51:46AM +0200, Mogens Valentin wrote:
I fail to understand why TCP_CONNTRACK_ESTABLISHED has to be 5 days.
It's not configurable from /proc, but I see nothing wrong in changing
the source to, say, 1 day.
Would someone educate me, pls.
Using a relatively recent kernel, it is indeed configurable via /proc:
# cat /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established
Yes, sorry I'd missed that. Already got educated :-
We're discussion this on netfilter.
--
Kind regards,
Mogens Valentin
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
