Hi, I have a NATted client behind a router that sends a single UDP keepalive packet to a server. The server responds with a single packet. According to the output of /proc/net/ip_conntrack however the mapping that is created is not in the ASSURED state and is therefore only kept alive for 30s. Is this expected? I was expecting the connection to be ASSURED and to have a 180s timeout. Router is running 2.6.22.19, which is old, but I'm stuck on it. I took a look at the source for that version and the latest kernel and it looks essentially the same to me and seems to suggest that if both a send and a response is seen then that's enough to make the connection ASSURED, so I thought to ask here. Background: I have an Android phone and am using the built in SIP client behind a Netgear router running Tomato. Router's UDP assured timeout is set to 180s, unreplied is 30s. The SIP client is trying to be smart and find the longest keepalive that works; it has an algorithm that starts at 10s and is supposed to work up to 120s over time/depending on battery level/possibly some other voodoo, but it sometimes gets into a state where it goes over 120s and even over 180s. By the time it gets to keepalives >180s I hit the above problem where the router is only keeping the hole open for 30s. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
