Re: Flush ip_conntrack

To: Debian User ML <debian-user@lists.debian.org>
Subject: Re: Flush ip_conntrack
From: Willi Dyck <wdyck@gmx.net>
Date: Wed, 5 Feb 2003 12:52:46 +0100
Message-id: <[🔎] 20030205115246.GB605@tekilla.homeip.net>
Reply-to: Debian User ML <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20030205105845.12923c77.esteban@alstec.fr>
References: <[🔎] 20030204183955.09fdfb80.esteban@alstec.fr> <[🔎] 20030204193815.GA613@tekilla.homeip.net> <[🔎] 20030205105845.12923c77.esteban@alstec.fr>

On Wed, Feb 05, 2003 at 10:58:45AM +0100, Esteban wrote:
> Is it possible to modify the timeout for a protocol ? for example esp ?
> thx

Yes it is. But AFAIK, this requires recompiling netfilter (affected
modules). As far as ICMP is concerned, the default timeout is hard coded
in /usr/src/linux/net/ipv4/netfilter/ip_conntrack_proto_icmp.c line 9.
Analog for TCP and UDP (except the line number ;)).

ESP, I don't know but would like to.

Regards, Willi

-- 
A Microsoft Certified System Engineer is to information technology as a
McDonalds Certified Food Specialist is to the culinary arts.
        Michael Bacarella commenting on the limited value of certification.

Attachment: pgpS1tGVogMQd.pgp
Description: PGP signature

Reply to:

References:
- Flush ip_conntrack
  - From: Esteban <esteban@alstec.fr>
- Re: Flush ip_conntrack
  - From: Willi Dyck <wdyck@gmx.net>
- Re: Flush ip_conntrack
  - From: Esteban <esteban@alstec.fr>

Prev by Date: Re: gtoaster
Next by Date: log2mail problem
Previous by thread: Re: Flush ip_conntrack
Next by thread: Re: Flush ip_conntrack
Index(es):
- Date
- Thread