ip_ct_tcp_timeout_established 500 days ??
alex
aoclarit@kiwi.dhs.org
Thu, 21 Mar 2002 20:27:10 -0800
gurus
I wanted to adjust my tcp timeout value for established connections cause I
don't think I need 5 days.
I checked
ip_ct_tcp_timeout_established
in /proc/sys/net/ipv4/netfilter/ expecting to find a value of 432000 which
would translate to 5 days.
To my surprise I found this value: 43200000 which would be 500 days.
Then I started looking for the expected value in
/proc/sys/net/ipv4/netfilter/* but couldn't find it.
I can't help thinking I'm looking at the wrong values but where would I find
the correct ones ?
All I'm trying to do is kill these leftover "ESTABLISHED" connections that
the conntrack table
doesn't know what to do with so it applies the normal 5 days timeout. Seems
to happen a lot to me
particulary with websites. I think 8 hours would be enough (or at least I
think so).
Can anyone give me some advise ?
Alex