ip_conntrack_max?
Patrick Schaaf
bof@bof.de
Tue, 25 Dec 2001 20:47:06 +0100
Raj,
> Is it required to recompile the kernel (make dep clean bzImage) and the
> modules (make modules modules_install) OR is just recompiling the kernel
> is good enough?
The timeouts are in net/ipv4/netfilter/ip_conntrack_proto_tcp.c.
If you have compiled in the ipfilter-based conntracking code
from patch-o-matic, the timeouts can be configured through entries
under /proc/sys/net/ipvt/netfilter/. Otherwise, you have to
modify the source (see the tcp_timeouts[] array - it's obvious).
Whether you need to recompile a module, or the kernel, depends on
your current answer to the "Connection tracking" kernel compile
option (check with "grep CONFIG_IP_NF_CONNTRACK .config"); if that's
selected as a module, you need to recompile that module, if it's builtin,
you have to recompile and reboot the kernel.
Hope this helps
Patrick