On Mon, 20 Dec 2004 21:33:52 -0500, Jason Opperisano <opie@xxxxxxxxxxx> wrote:
> once a TCP connection gets to ESTABLISHED [ASSURED] state--it will not
> be removed from conntrack until it times out (after 5 days by default
> (432000 seconds)), or one side sends a FIN-ACK packet requesting that
> the connection be torn down.
>
> it sounds like you're shutting down endpoints after the connections are
> setup, but before they have a chance to close them.

I wasn't able to get a capture that expressed this particular problem.
Every time I did a capture, the FINs were sent properly and the
conntrack records were removed.

But I have another question: is what you're telling me above that the
kernel will sometimes not correctly close a socket that a process has open
when it gets killed? Where is the code in the kernel that governs that
behavior? linux/net/ipv4/tcp_*?

--
[ Tobias DiPasquale ]
0x636f6465736c696e67657240676d61696c2e636f6d
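
An added example, not part of the thread or of any project's code: one way to spot lingering ESTABLISHED [ASSURED] entries is to parse the conntrack table and estimate idle time as the timeout minus the remaining timer. It assumes the /proc/net/ip_conntrack line layout, that the 432000-second default quoted above is in effect, and that the timer is refreshed on each packet; the sample lines are constructed and the function names are hypothetical.

```python
import re

ESTABLISHED_TIMEOUT = 432000  # seconds; the default quoted in the message above

# Constructed sample in the /proc/net/ip_conntrack layout (not data from the thread).
SAMPLE = """\
tcp      6 431990 ESTABLISHED src=192.0.2.10 dst=198.51.100.5 sport=40001 dport=22 src=198.51.100.5 dst=192.0.2.10 sport=22 dport=40001 [ASSURED] use=1
tcp      6 259200 ESTABLISHED src=192.0.2.11 dst=198.51.100.5 sport=40002 dport=80 src=198.51.100.5 dst=192.0.2.11 sport=80 dport=40002 [ASSURED] use=1
tcp      6 110 TIME_WAIT src=192.0.2.12 dst=198.51.100.5 sport=40003 dport=80 src=198.51.100.5 dst=192.0.2.12 sport=80 dport=40003 [ASSURED] use=1
udp      17 25 src=192.0.2.13 dst=198.51.100.53 sport=5353 dport=53 src=198.51.100.53 dst=192.0.2.13 sport=53 dport=5353 use=1
"""

TCP_LINE = re.compile(r"^tcp\s+6\s+(?P<ttl>\d+)\s+(?P<state>[A-Z_]+)\s+(?P<rest>.*)$")


def parse_tcp(line):
    """Return a dict for a TCP conntrack line, or None for anything else."""
    m = TCP_LINE.match(line.strip())
    if not m:
        return None
    pairs = re.findall(r"(\w+)=(\S+)", m.group("rest"))
    orig = dict(pairs[:4])  # the first four key=value pairs are the original direction
    if not {"src", "dst", "sport", "dport"} <= orig.keys():
        return None
    return {
        "ttl": int(m.group("ttl")),
        "state": m.group("state"),
        "assured": "[ASSURED]" in m.group("rest"),
        "src": orig["src"], "sport": int(orig["sport"]),
        "dst": orig["dst"], "dport": int(orig["dport"]),
    }


def stale_established(text, min_idle, timeout=ESTABLISHED_TIMEOUT):
    """List (src, sport, dst, dport, idle_seconds) for idle ESTABLISHED [ASSURED] flows."""
    hits = []
    for line in text.splitlines():
        e = parse_tcp(line)
        if not e or e["state"] != "ESTABLISHED" or not e["assured"]:
            continue
        idle = timeout - e["ttl"]  # seconds since the last packet reset the timer
        if idle >= min_idle:
            hits.append((e["src"], e["sport"], e["dst"], e["dport"], idle))
    return hits


if __name__ == "__main__":
    for hit in stale_established(SAMPLE, min_idle=3600):
        print("idle %ds: %s:%d -> %s:%d" % (hit[4], hit[0], hit[1], hit[2], hit[3]))
```
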