target for modifying conntrack timeout value
Richard
richard at o-matrix.org
Tue Dec 7 03:12:25 CET 2004
> netfilter moved to subversion some time ago. See announce in the list
> archives.
>
> It appears the web pages have not been updated yet with the new
> information on how to access the subversion repository.
>
Ok, I got the latest svn. However I have trouble to get a diff between it
and my working copy. "svn diff" only diffs the existing files and does
generate a patch for new files.
Anyway, I attached this tar.gz file which is extracted into netfilter
directory. Then run "patch -p0 Makefile.diff".
I don't write a 'match' for expire timers because it is already available
through 'match conntrack' with ctexpire option.
It is only available for kernel 2.4, at least for now.
Regards,
Richard
=========================
The related man page part is,
CTEXPIRE
This is used to modify the conntrack expire field. The conntrack
expire field determines how much time left (in seconds) for the conntrack.
The conntrack will be deleted or changed to a new state when the expire
field reachs 0.
--ctexpire-set value
Set the conntrack expire value to `value' (in seconds).
--ctexpire-dec value
Decrement the conntrack expire value `value' (in
seconds), i.e. make it live shorter.
--ctexpire-inc value
Increment the conntrack expire value `value' (in seconds),
i.e. make it live longer.
========================
The help of iptables is,
CTEXPIRE target v1.3.0 options
--ctexpire-set value Set conntrack expire to <value>
--ctexpire-dec value Decrement conntrack expire by <value>
--ctexpire-inc value Increment conntrack expire by <value>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CTEXPIRE.tar.gz
Type: application/x-gzip
Size: 4672 bytes
Desc: not available
Url : /pipermail/netfilter-devel/attachments/20041206/34b56bad/CTEXPIRE.tar.bin
More information about the netfilter-devel
mailing list