On 03/17/2010 08:14 PM, Jan Engelhardt wrote:
On Thursday 2010-03-18 01:20, Robert Nichols wrote:
And, I just noticed that the protocol is UDP. The only way a UDP
entry gets removed from conntrack is by timing out, and that can take
up to 3 minutes (see the values in
/proc/sys/net/netfilter/nf_conntrack_udp_timeout*).
No, that is not the only way. You can manually remove entries
with `conntrack -D ...`.
Yes, I should have said, "... gets removed _automatically_ ...".
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
