On 2018.08.23 20:36 Pablo Neira Ayuso wrote:
> On Thu, Aug 23, 2018 at 02:28:24PM -0700, Doug Smythies wrote:
>> On 2018.08.23 11:16 Pablo Neira Ayuso wrote:
>>> On Wed, Aug 22, 2018 at 05:05:14PM -0700, Doug Smythies wrote:
>>>> On 2018.08.22 11:26 Doug Smythies wr
On 2018.08.23 14:36 Florian Westphal wrote:
> Doug Smythies wrote:
>> Could you try conntrack -F after removing your ruleset?
>>
>> ad1d697 + this patch:
>>
>> O.K. that eliminates the 1 minute wait, and the other ssh connections
>> drop right awa
On 2018.08.23 11:16 Pablo Neira Ayuso wrote:
> On Wed, Aug 22, 2018 at 05:05:14PM -0700, Doug Smythies wrote:
>> On 2018.08.22 11:26 Doug Smythies wrote:
>>> On 2018.08.21 02:26 Florian Westphal wrote:
>>>
>>> ... [snip] ...
>>>
>>>>
On 2018.08.22 11:26 Doug Smythies wrote:
> On 2018.08.21 02:26 Florian Westphal wrote:
>
> ... [snip] ...
>
>> Fix this by clearing maxwin of existing tcp connections on register.
>> While at it, lower timeout of existing entries when disabling to allow
>> g
On 2018.08.21 02:26 Florian Westphal wrote:
... [snip] ...
> Fix this by clearing maxwin of existing tcp connections on register.
> While at it, lower timeout of existing entries when disabling to allow
> gc to reap entries more quickly.
>
> Reported-by: Doug Smythies
> Fix
Hi Florian,
Thanks for your quick reply, and the time you took to do it.
On 2018.08.14 11:01 Florian Westphal wrote:
> Doug Smythies wrote:
>> Sometimes it is desirable to temporarily disable, or clear,
>> the iptables rule set on a computer being controlled via a
>> secu
On 2018.08.14 13:43 Roman Mamedov wrote:
> On Tue, 14 Aug 2018 08:48:18 -0700
> "Doug Smythies" wrote:
>
>> Sometimes it is desirable to temporarily disable, or clear,
>> the iptables rule set on a computer being controlled via a
>> secure shell session (SSH
incorrect flags, nor is it considered part of the existing connection.
Doug Smythies