On Wed, 2012-09-19 at 12:16 -0700, me wrote: > I haven't been able to find out how long those first tcp connections stay around. Are > they timing out, hence the second connection, or is the udp stuff what is causing me > grief? You can use the conntrack userspace application to view the connection tracking table. This shows the timeout of each connection, which should help you. UDP connections are stateless so will time out fairly quickly. > If they are timing out, how can I keep limiting connections? Try changing /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout > I have a range of udp ports that are given out, can I use those somehow? The multipart match should do the trick. See man iptables. Andy -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
