lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 13 Dec 2022 12:26:28 +0100
From:   Pablo Neira Ayuso <pablo@...filter.org>
To:     Sriram Yagnaraman <sriram.yagnaraman@....tech>
Cc:     netdev@...r.kernel.org, netfilter-devel@...r.kernel.org
Subject: Re: [PATCH] netfilter: conntrack: document sctp timeouts

Maybe I add your Signed-off-by: tag to this patch?

Signed-off-by: Sriram Yagnaraman <sriram.yagnaraman@....tech>

Thanks.

On Mon, Dec 12, 2022 at 11:07:05AM +0100, Sriram Yagnaraman wrote:
> ---
>  .../networking/nf_conntrack-sysctl.rst        | 33 +++++++++++++++++++
>  1 file changed, 33 insertions(+)
> 
> diff --git a/Documentation/networking/nf_conntrack-sysctl.rst b/Documentation/networking/nf_conntrack-sysctl.rst
> index 1120d71f28d7..49db1d11d7c4 100644
> --- a/Documentation/networking/nf_conntrack-sysctl.rst
> +++ b/Documentation/networking/nf_conntrack-sysctl.rst
> @@ -163,6 +163,39 @@ nf_conntrack_timestamp - BOOLEAN
>  
>  	Enable connection tracking flow timestamping.
>  
> +nf_conntrack_sctp_timeout_closed - INTEGER (seconds)
> +	default 10
> +
> +nf_conntrack_sctp_timeout_cookie_wait - INTEGER (seconds)
> +	default 3
> +
> +nf_conntrack_sctp_timeout_cookie_echoed - INTEGER (seconds)
> +	default 3
> +
> +nf_conntrack_sctp_timeout_established - INTEGER (seconds)
> +	default 432000 (5 days)
> +
> +nf_conntrack_sctp_timeout_shutdown_sent - INTEGER (seconds)
> +	default 0.3
> +
> +nf_conntrack_sctp_timeout_shutdown_recd - INTEGER (seconds)
> +	default 0.3
> +
> +nf_conntrack_sctp_timeout_shutdown_ack_sent - INTEGER (seconds)
> +	default 3
> +
> +nf_conntrack_sctp_timeout_heartbeat_sent - INTEGER (seconds)
> +	default 30
> +
> +	This timeout is used to setup conntrack entry on secondary paths.
> +	Default is set to hb_interval.
> +
> +nf_conntrack_sctp_timeout_heartbeat_acked - INTEGER (seconds)
> +	default 210
> +
> +	This timeout is used to setup conntrack entry on secondary paths.
> +	Default is set to (hb_interval * path_max_retrans + rto_max)
> +
>  nf_conntrack_udp_timeout - INTEGER (seconds)
>  	default 30
>  
> -- 
> 2.34.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ