> On Mon, Oct 19, 1998 at 01:47:57AM +0200, Alan Cox wrote:
> > 2. Killing connections on a drop. This potentially violates the RFC
> > check rules on time wait unless you are very careful. Also tell me
> > why it cant be done in user space by turning /proc/net/ into a set
> > of temporary 'reject' filter rules
>
> The RFC TIME_WAIT rules only make sense when the connection endpoint
> (address/port) still exists. For a dynamic address that is gone that isn't
> the case.
A reconnect within 2 minutes may recreate it. Ok still tell me why ipfwadm
rules wont do instead and we'll forget the time-wait issue
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
