On Wed, Feb 05, 2003 at 10:58:45AM +0100, Esteban wrote: > Is it possible to modify the timeout for a protocol ? for example esp ? > thx
Yes it is. But AFAIK, this requires recompiling netfilter (affected
modules). As far as ICMP is concerned, the default timeout is hard coded
in /usr/src/linux/net/ipv4/netfilter/ip_conntrack_proto_icmp.c line 9.
Analog for TCP and UDP (except the line number ;)).
ESP, I don't know but would like to.
Regards, Willi
--
A Microsoft Certified System Engineer is to information technology as a
McDonalds Certified Food Specialist is to the culinary arts.
Michael Bacarella commenting on the limited value of certification.
msg28743/pgp00000.pgp
Description: PGP signature
