From: "Brian J. Murrell" <brian@interlinx.bc.ca>
To: netfilter@vger.kernel.org
Subject: Re: How to drop an idle connection with iptables?
Date: Fri, 25 Nov 2011 06:16:32 -0500 [thread overview]
Message-ID: <janteh$3ui$1@dough.gmane.org> (raw)
In-Reply-To: <4ECF299D.9040005@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1014 bytes --]
On 11-11-25 12:37 AM, lu zhongda wrote:
> On 2011-11-24 19:30, Brian J. Murrell wrote:
>>
>> You didn't answer my other question though, which is why do you think
>> you need to be dropping idle, yet still ESTABLISHED sessions (and
>> breaking higher level protocols when you do that)?
> The need to drop idle connection comes from one technical support request:
Answering my question of "why do you want to do this" with "because
somebody asked" does not really answer the question though.
There is an important reason for me to to ask and you to answer the
question (i.e. with a real-world use-case) and that's because typically
when somebody is proposing to do things that are "strange" or "not as
intended" (and indeed which will result in other things breaking -- like
TCP in this case) it's because they are trying to solve a problem with
the wrong tool.
Can you please provide a real-world use-case as to why you'd want/need
to stop (i.e. break) an open TCP session?
Cheers,
b.
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 262 bytes --]
next prev parent reply other threads:[~2011-11-25 11:16 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-23 10:48 How to drop an idle connection with iptables? lu zhongda
2011-11-23 12:37 ` Brian J. Murrell
2011-11-24 9:46 ` lu zhongda
2011-11-24 11:30 ` Brian J. Murrell
2011-11-25 5:37 ` lu zhongda
2011-11-25 11:16 ` Brian J. Murrell [this message]
2011-11-25 13:45 ` lu zhongda
2011-11-25 14:20 ` Nikolay Kichukov
2011-11-26 11:32 ` lu zhongda
2011-12-01 10:22 ` Anatoly Muliarski
2011-12-01 10:39 ` Jan Engelhardt
2011-11-25 20:01 ` John Haxby
2011-11-26 11:30 ` lu zhongda
2011-11-25 1:14 ` Gao feng
2011-11-25 3:40 ` lu zhongda
2011-11-25 3:41 ` lu zhongda
2011-11-25 3:59 ` lu zhongda
2011-11-25 5:39 ` Gao feng
-- strict thread matches above, loose matches on Subject: below --
2011-11-22 12:22 陆仲达
2011-11-23 3:27 ` Lloyd Standish
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='janteh$3ui$1@dough.gmane.org' \
--to=brian@interlinx.bc.ca \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).