More on ip_conntrack problems

2002-07-10 Thread alex
he number of connections on ip_conntrack be broadly the same as the internal machine's understanding of connections (netstat output)? c) Has this come up before? d) Are there any patches I could try that alter ipconntrack's end-of-connection heuristics? Cheers, -- [EMAIL PROTECTED] http://www.bennee.com/~alex/

Re: performance issues (nat / conntrack)

2002-06-25 Thread Alex Bennee
icant: 'TCP timeouts' or 'application > timeouts'? Should (i.e) HTTP, FTP and Telnet have the same lifetime in > hash? Maybe an iptables marking approach (a-la tc)? Alex www.bennee.com/~alex/

IP Connection Tracking - which connections?

2002-06-16 Thread alex
). Or am I misunderstanding the workings of conntrack? Cheers, -- [EMAIL PROTECTED] http://www.bennee.com/~alex/

[Fwd: Re: Filtering SOAP and other 'Web service' protocols]

2002-05-23 Thread Alex Bennee
roject is > either redundant or impossible, that's great, I'd like to know it. If > it isn't redundant and it isn't impossible and no-one's yet doing it, > that's great, I'll start one. I've seen it mentioned on a GNU mailing list somewhere. Try checking out freshmeat and sourceforge first? Alex www.bennee.com/~alex/

bug in case use of netmask in destination

2002-05-21 Thread Alex Y Fadeyev
BUG: error in comparing netmask in destination specification in delete command. Diff file attached. diff -c -r iptables-1.2.6a/libiptc/libip4tc.c iptables-1.2.6a.orig/libiptc/libip4tc.c *** iptables-1.2.6a/libiptc/libip4tc.c Mon May 20 18:19:24 2002 --- iptables-1.2.6a.orig/libiptc/libip4tc.c

Connection Tracking information, suggestions for approaches

2002-04-18 Thread alex
thout breaking APIs? As I'm a bit of a newbie to the netfilter code I thought I had better ask the developers before I started randomly hacking :-) -- [EMAIL PROTECTED] http://www.bennee.com/~alex/ Ref 1 : LARTC thread http://marc.theaimsgroup.com/?t=10190013904&r=1&w=2

Re: Connection track logging

2002-04-12 Thread Alex Kent
directory) includes all of the ctnetlink stuff so you don't need/shouldn't use the ctnetlink patch---is this correct? (though adding Martin's patches would be prudent) Or did I miss something? ('cause I didn't see much similar in the NETLINK patch) Thanks, Alex On Thu,