projects / linux-2.6-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d535c8a) | patch
netfilter: conntrack: udp: set stream timeout to 2 minutes
authorFlorian Westphal <fw@strlen.de>
Mon, 17 Dec 2018 23:05:29 +0000 (00:05 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 20 Dec 2018 23:48:46 +0000 (00:48 +0100)
commit294304e4c522d797b7ea8200ab74354843fa68e9
tree14c5ed235dc6980f3b892f6717f0243564bf4b36tree | snapshot
parentd535c8a69c1924e70186d80be0a9cecaf475f166commit | diff
netfilter: conntrack: udp: set stream timeout to 2 minutes

We have no explicit signal when a UDP stream has terminated, peers just
stop sending.

For suspected stream connections a timeout of two minutes is sane to keep
NAT mapping alive a while longer.

It matches tcp conntracks 'timewait' default timeout value.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Documentation/networking/nf_conntrack-sysctl.txt diff | blob | blame | history
net/netfilter/nf_conntrack_proto_udp.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)