ip_conntrack_max?

[Raj]

On Tue, 25 Dec 2001, Patrick Schaaf wrote:

> The timeouts are in net/ipv4/netfilter/ip_conntrack_proto_tcp.c.
> If you have compiled in the ipfilter-based conntracking code
> from patch-o-matic, the timeouts can be configured through entries
> under /proc/sys/net/ipvt/netfilter/. Otherwise, you have to

Hi again guys,
I have a number of related files under it and among them is:
ip_ct_tcp_timeout_established with a value of 1800000.
The value should have been 18000 secs (5hrs), right!
How come I have two extra 0s in there? Is it set in millisecs?

The /proc/net/ipconntrack database is showing timeouts <18000 secs though!
I noticed one more thing...the date of the file is being continuosly
updated...

> modify the source (see the tcp_timeouts[] array - it's obvious).
> Whether you need to recompile a module, or the kernel, depends on
> your current answer to the "Connection tracking" kernel compile
> option (check with "grep CONFIG_IP_NF_CONNTRACK .config"); if that's
> selected as a module, you need to recompile that module, if it's builtin,
> you have to recompile and reboot the kernel.

Yes, it is selected as M ... meaning I need to recompile that module only.
Won't just changing the value in the file bring the new value into effect?
Like setting the ip_conntrack_max value...
Lastly, do I need to do "make modules && modules_install" or is there a
way to recompile that ONE module only? as this would same me valuable
time...

Thanks again,

Cheers,
Raj

>
> Hope this helps
>   Patrick
>