On Thu, Jun 27, 2002 at 12:21:45PM +1000, Andrew Smith wrote: > This gives a good example when being able to set the timeout dependant > upon specific factors (e.g. port/protocol) would be good rather than a > global timeout that suits specific cases and does not match many cases > - and causes a severe problem for a limited set of cases
Sorry, but we've had this discussion over and over again. Go to the list archives and look for tuneable timeouts. The conclusion of this discussion was, that we need to cope with all cases without any tuning being necessarry. btw: For the 'ping' case, the icmp echo reply is closing the connection anyway. conntrack is mostly about tracking layer 3+4 protocol state. And this should happen as transparent as possible, so assumptions about the application are made. [conntrack helpers are an exemption, and be sure I would be much happier if we didn't need to have them]. > -Cheers > -Andrew -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M- V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)
