Hi Dave.
Harald submitted this to you for 2.4.23
It's needed for 2.6 as well, couldn't find the original mail on any list
so here's the bk-commits-24 mail (slightly edited)
It applies fine to -test11.
It's needed before 2.6.0 is out.
ChangeSet 1.1211, 2003/11/17 15:26:43-02:00, laforge@xxxxxxxxxxxxx
[PATCH] Netfilter: Sane ip_ct_tcp_timeout_close_wait value
Hi Dave, hi Marcelo.
The following (trivial) patch _needs_ to go into 2.4.22-preX before
2.4.23 is released.
While doing the backport of the tune-conntrack-timeouts-via-procfs
patch, we have made the default for the CLOSE_WAIT state accidentially
to 3 days. 3 days are the timeout when using the tcp window tracking
patch, but not for the stock kernel.
Please apply, thanks.
diff -Nru a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Mon Nov 17 10:02:36 2003
+++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Mon Nov 17 10:02:36 2003
@@ -53,7 +53,7 @@
unsigned long ip_ct_tcp_timeout_syn_recv = 60 SECS;
unsigned long ip_ct_tcp_timeout_established = 5 DAYS;
unsigned long ip_ct_tcp_timeout_fin_wait = 2 MINS;
-unsigned long ip_ct_tcp_timeout_close_wait = 3 DAYS;
+unsigned long ip_ct_tcp_timeout_close_wait = 60 SECS;
unsigned long ip_ct_tcp_timeout_last_ack = 30 SECS;
unsigned long ip_ct_tcp_timeout_time_wait = 2 MINS;
unsigned long ip_ct_tcp_timeout_close = 10 SECS;
--
/Martin
signature.asc
Description: This is a digitally signed message part
|