I am using conntrack to get network session & accounting data. It works well for TCP and UDP traffic. But, I'm wondering if there is some way to tune the ICMP behavior. As it is working for me now, I get a NEW event for every ICMP echo request packet. Since many people leave 'ping' running continuously, those session logs can pile up. Many firewalls treat ICMP like UDP, where if another packet is seen within the timeout period, it's considered part of the same session. Is there any way to tune conntrack to behave like that? So, if someone leaves ping going all night, it results in a single session entry, rather than thousands? - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
