Firewall tcp timeout

Firewall tcp timeout

[Kornelijus]

Hi.

Have a problem.

"Acording to related documentation by software implementation
"Firewall tcp timeout" must be set to 60 minutes."

Vatizzit?
I must do it and inform very "important" person about suck-sess.

He said cisco and other "brained" equipment understant vatizzit.

Howto_do?
I love&like netfilter
Ready to pom-xxxxxxxx and other comperhensive stuff.
Thanks.

Re: Firewall tcp timeout

[Antony Stone]

On Wednesday 19 November 2003 11:55 am, Kornelijus wrote:

> Hi.
>
> Have a problem.
>
> "Acording to related documentation by software implementation
> "Firewall tcp timeout" must be set to 60 minutes."

There are many timeouts associated with TCP - the above description is 
insufficiently specific to identify which one is being referred to.

See /usr/src/linux/Documentation/networking/ip-sysctl.txt for some 
information about the timeouts included in the normalLinux TCP/IP stack, and 
see /usr/src/linux/net/ipv4/netfilter/ip_conntrack_proto_tcp.c for similar 
values used in the netfilter connection tracking system.

Once you've found out which of these values your documentation is referring 
to, you can change it to whatever you like, either by writing to a file in 
/proc/sys/net/ipv4, or by recompiling netfilter conntracking, depending on 
which value it is you want to adjust.

Regards,

Antony.

-- 

Perfection in design is achieved not when there is nothing left to add,
but rather when there is nothing left to take away.

 - Antoine de Saint-Exupery
                                                     Please reply to the list;
                                                           please don't CC me.