TCP_CONNTRACK_ESTABLISHED 5days

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

(Sent this to the linux-net list; seems this list is more appropriate. Sorry for any inconvenient xposting)

I fail to understand why TCP_CONNTRACK_ESTABLISHED has to be 5 days.
It's not configurable from /proc, but I see nothing wrong in changing the source to, say, 1 day.
Would someone educate me, pls.

/usr/src/linux/net/ipv4/netfilter/ip_conntrack_proto_tcp.c :

static unsigned long tcp_timeouts[]
= { 30 MINS,    /*      TCP_CONNTRACK_NONE,     */
   5 DAYS,     /*      TCP_CONNTRACK_ESTABLISHED,      */
   2 MINS,     /*      TCP_CONNTRACK_SYN_SENT, */
   60 SECS,    /*      TCP_CONNTRACK_SYN_RECV, */
   2 MINS,     /*      TCP_CONNTRACK_FIN_WAIT, */
   2 MINS,     /*      TCP_CONNTRACK_TIME_WAIT,        */
   10 SECS,    /*      TCP_CONNTRACK_CLOSE,    */
   60 SECS,    /*      TCP_CONNTRACK_CLOSE_WAIT,       */
   30 SECS,    /*      TCP_CONNTRACK_LAST_ACK, */
   2 MINS,     /*      TCP_CONNTRACK_LISTEN,   */
};

--
Kind regards,
Mogens Valentin


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux