target for modifying conntrack timeout value

Richard richard at
Mon Dec 6 08:43:33 CET 2004

> That should indeed work by calling ip_ct_refresh (ip_ct_refresh_acct
> in 2.6, it seems) in e.g. filter, matching --dport 5060. Just make
> sure you do it in front of any '-m state --state ESTABLISHED -j ACCEPT'
> rules.
> Go ahead, write such a target.

I finished the code and testing. It is based on the stable versions of
iptables and pom. I'd like to have it included in cvs. Should I post the
patch based on stable or cvs?

Btw, the cvs server seems down now. I followed the instruction in


More information about the netfilter-devel mailing list