[PATCH] tcp-window-tracking patch with sysctl support
Brad Chapman
kakadu_croc@yahoo.com
Wed, 3 Oct 2001 12:19:22 -0700 (PDT)
Mr. Kadlecsik,
--- Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> wrote:
> Hello,
>
> This is the new version of my tcp-window-tracking patch. The modifications
> are:
>
> - the default timeout value for the CLOSE_WAIT state is raised to 12 hours
> - sysctl support added (/proc/sys/net/ipv4/netfilter/), which means:
> - all conntrack timeout values can be adjusted via sysctl
> - logging of out of window packets and packets with invalid
> window scale value can be disabled/enabled via sysctl
> - a new flag ip_ct_tcp_be_liberal added. With it, one can
> almost completely disable the window tracking code.
> If ip_ct_tcp_be_liberal is set to 0, all out of window
> packets are marked as INVALID, while if it's set to 1,
> out of window RST segments are marked as INVALID only.
> - logging of out of window packets are made more verbose
>
> Regards,
> Jozsef
Does this patch remove the problem which caused the excessive
"Out of window" error messages that a lot of netfilter users have reported for
the past few months?
Thanks,
Brad
=====
Brad Chapman
Permanent e-mail: kakadu_croc@yahoo.com
Current e-mail: kakadu@adelphia.net
Alternate e-mail: kakadu@netscape.net
__________________________________________________
Do You Yahoo!?
NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month.
http://geocities.yahoo.com/ps/info1