closing connections with immediate effect
Binish A R
binishar at poornam.com
Sun Aug 21 13:56:07 UTC 2005
Anze Vidmar wrote:
>On Sun, 2005-08-21 at 12:06 +0600, Aroop Maliakkal wrote:
>
>
>>How can I close connections from a particular IP with immediate effect
>>after I dropped it using iptables. Still there are a lot of connections in
>>state FIN_WAIT1..
>>
>>
>Maybe you should rather use DROP instead of REJECT in your iptables
>rules? Just a thought.
>
>Anze
>
>
>
No ... It has nothing to do with REJECT/DROP rules.
I think you should check the following values:
sysctl -a | grep fin_wait
On my machine the value is
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120
Decreasing the value may help solve your problem.
Check it out ...
--
Get Thunderbird <http://www.mozilla.org/products/thunderbird/>
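
Added example (not part of the original message): shell helpers that count one remote IP's sockets in a given TCP state from `netstat -tn` output and read the timeout quoted above from `sysctl -a` output. The function names and the sample data are constructed for illustration; the addresses are documentation ranges.

```shell
#!/bin/sh
# Constructed sample of `netstat -tn` output (not from the original post).
sample_netstat() { cat <<'EOF'
tcp        0      1 10.0.0.5:80        203.0.113.7:41022   FIN_WAIT1
tcp        0      1 10.0.0.5:80        203.0.113.7:41023   FIN_WAIT1
tcp        0      0 10.0.0.5:80        198.51.100.9:50110  ESTABLISHED
tcp        0      0 10.0.0.5:22        203.0.113.7:41500   FIN_WAIT2
EOF
}

# Constructed sample of `sysctl -a` output; the first line is the one quoted
# in the message, the second is there to show that the key match is exact.
sample_sysctl() { cat <<'EOF'
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60
EOF
}

# count_state IP STATE < netstat-output
# Counts TCP sockets whose foreign address (column 5) is IP and whose
# state (column 6) is STATE. The trailing :port is stripped before comparing.
count_state() {
  awk -v ip="$1" -v st="$2" '
    $1 ~ /^tcp/ && $6 == st { sub(/:[0-9]+$/, "", $5); if ($5 == ip) n++ }
    END { print n + 0 }'
}

# sysctl_value KEY < sysctl-output
# Prints the value of exactly KEY from "key = value" lines.
sysctl_value() {
  awk -F' = ' -v k="$1" '$1 == k { print $2 }'
}

# report IP: one summary line built from the constructed samples.
# On a live host, feed `netstat -tn` and `sysctl -a` into the helpers instead.
report() {
  key=net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait
  echo "$1: FIN_WAIT1=$(sample_netstat | count_state "$1" FIN_WAIT1)" \
       "FIN_WAIT2=$(sample_netstat | count_state "$1" FIN_WAIT2)" \
       "conntrack_fin_wait_timeout=$(sample_sysctl | sysctl_value "$key")s"
}

report 203.0.113.7
```

Running the count before and after changing the timeout shows whether the number of lingering sockets from the blocked address actually falls.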