TCP/IP stack questions on timeouts and dropping connections.
Mike McGrath
mmcgrath at iesabroad.org
Tue Jul 26 13:37:55 UTC 2005
> -----Original Message-----
> From: fedora-list-bounces at redhat.com
> [mailto:fedora-list-bounces at redhat.com] On Behalf Of Naoki
> Sent: Tuesday, July 26, 2005 2:55 AM
> To: fedora-list at redhat.com
> Subject: TCP/IP stack questions on timeouts and dropping connections.
>
> Hi all,
>
> Quick question. Is there a way (kernel parameter or iptables
> hack ) to drop connections that last over an arbitrary time
> value. Even better would be the ability to restrict that rule
> to a specific TCP port. So for example drop connections to
> port 80 that have been established for over 20 seconds?
>
> A little odd to want to do this I know...
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
>
Often times this is controlled by the application. In your example if
using apache you can use the TimeOut directive. I would assume you only
want to drop connections that are idle? I do not know of any way to set
this in the kernel.
http://httpd.apache.org/docs/2.0/mod/core.html#timeout
-Mike
More information about the fedora-list
mailing list