RE: TCP/IP stack questions on timeouts and dropping connections.

From: Igor Guarisma (iguarism_at_yahoo.com)
Date: 07/26/05

    Date: Tue, 26 Jul 2005 09:00:50 -0500 (CDT)
    To: For users of Fedora Core releases <fedora-list@redhat.com>
    
    

    I'm going with Mike here! I don't really think there's
    a way to do this with the kernel or iptables (which
    is part of the kernel), and I'm sure that that Apache
    option will work fine in the case of a web server.

    I think you can work on a script that gets a netstat
    and gets from there the connections in TIME_WAIT and
    measures the time somehow and, given some time, kills
    the connection.

     
     --- Mike McGrath <mmcgrath@iesabroad.org> wrote:

    >
    > > -----Original Message-----
    > > From: fedora-list-bounces@redhat.com
    > > [mailto:fedora-list-bounces@redhat.com] On Behalf Of Naoki
    > > Sent: Tuesday, July 26, 2005 2:55 AM
    > > To: fedora-list@redhat.com
    > > Subject: TCP/IP stack questions on timeouts and dropping connections.
    > >
    > > Hi all,
    > >
    > > Quick question. Is there a way (kernel parameter or iptables
    > > hack) to drop connections that last over an arbitrary time
    > > value. Even better would be the ability to restrict that rule
    > > to a specific TCP port. So for example drop connections to
    > > port 80 that have been established for over 20 seconds?
    > >
    > > A little odd to want to do this I know...
    > >
    > > --
    > > fedora-list mailing list
    > > fedora-list@redhat.com
    > > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
    > >
    >
    > Often times this is controlled by the application. In your example if
    > using apache you can use the TimeOut directive. I would assume you only
    > want to drop connections that are idle? I do not know of any way to set
    > this in the kernel.
    >
    > http://httpd.apache.org/docs/2.0/mod/core.html#timeout
    >
    > -Mike
    >

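
The netstat-polling script suggested in this message, sketched as an added example that is not code from the thread or from any poster. The names `parse_netstat` and `AgeTracker` are hypothetical, the sample output is constructed, and the script only reports connections past the limit; it does not close them.

```python
import subprocess
import time

# Constructed sample of `netstat -tn` output (documentation address ranges).
SAMPLE = """\
Proto Recv-Q Send-Q Local Address    Foreign Address      State
tcp        0      0 192.0.2.10:80    198.51.100.7:51514   ESTABLISHED
tcp        0      0 192.0.2.10:80    198.51.100.9:40022   TIME_WAIT
tcp        0      0 192.0.2.10:22    203.0.113.5:60110    ESTABLISHED
"""

def parse_netstat(text, port, state):
    """Return the (local, remote) address pairs on local `port` in `state`."""
    conns = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("tcp"):
            continue
        local, remote, st = f[3], f[4], f[5]
        if st == state and local.rsplit(":", 1)[-1] == str(port):
            conns.add((local, remote))
    return conns

class AgeTracker:
    """netstat prints no connection age, so remember when each was first seen."""
    def __init__(self, port, state="ESTABLISHED", max_age=20.0):
        self.port, self.state, self.max_age = port, state, max_age
        self.first_seen = {}

    def update(self, text, now=None):
        """Feed one netstat snapshot; return connections older than max_age."""
        now = time.monotonic() if now is None else now
        current = parse_netstat(text, self.port, self.state)
        # Drop vanished connections so a reused address pair starts again at 0.
        self.first_seen = {c: t for c, t in self.first_seen.items() if c in current}
        for c in current:
            self.first_seen.setdefault(c, now)
        return sorted(c for c, t in self.first_seen.items() if now - t > self.max_age)

if __name__ == "__main__":
    tracker = AgeTracker(port=80, max_age=20.0)  # values from the question
    while True:
        out = subprocess.run(["netstat", "-tn"], capture_output=True, text=True).stdout
        for local, remote in tracker.update(out):
            print(f"open > {tracker.max_age:.0f}s: {remote} -> {local}")
        time.sleep(5)
```

The measured age is a lower bound: a connection that opened between two polls is counted from the poll that first saw it.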
    
