tcphelp at streamlined-dev.com
Tue Mar 29 21:36:16 CEST 2005
Perhaps I am misunderstanding something here - but I was seeking to use
the timeout from connection tracking for the close_wait state:
I've set this value at 300, and it seems to have little effect.
(it was 60, but I've read it is also supposed to be as high as 12 hours)
I have an application that is leaving many sockets in the CLOSE_WAIT
state for extended periods of time. I know the solution is to work
with the application vendor and get him to correct this problem in his
application. I am trying to do this - but it is slow going - and the
vendor points out that this is not a problem with FreeBSD, possibly
because they've tuned some of the network parameters with ndd.
Is this the correct setting to use for timing out sockets in the
Do I need to enable connection tracking somehow for this particular
port (iptables -A INPUT -p tcp -m state --state ESTABLISHED --dport
$PORTNUM -j ACCEPT)?
Or is this not even the type of thing this timeout is supposed to be
able to do?
Is there another option besides tcp-window-tracking that I should look
Any help / pointers are greatly appreciated.
More information about the netfilter