In some mail from Allen, sie said: > > > That's sort of what I was looking for as well. I understand what the > manpage says, but it's not very informative. > > Personally, I'm thinking of using it on a box where I have to leave the > default age up high for normal tcp connections, which are slow, but > usually get torn-down and have their nat rules retired appropriately -- vs > udp "connections" for say DNS, which don't need to last nearly as long. > > What do the numbers themselves stand for? "age x/y" carries what meaning > for x and for y?
x = timeout set by packets going "forward" (i.e. initiating packets) y = timeout set by reply packets Darren
