path: root/src/main.c
diff options
authorPablo Neira Ayuso <>2008-08-02 18:59:36 +0200
committerPablo Neira Ayuso <>2008-08-02 18:59:36 +0200
commit16010f777b090b293a00072d8368e94418cc99f8 (patch)
tree42e7f36cb86952ae21fb670a18c6660c1ba16627 /src/main.c
parentc403246424350bae14a30fc6a115608ca15f2aa1 (diff)
conntrackd: add -t option to shorten conntrack timeouts
This patch adds the new option `-t' for conntrackd. This option shortens the value of the timeout for the cached entries that lives in the kernel. This option is particularly useful to remove the zombie established entries that remain in kernel if the user tests the platform by forcing the takeover from one to another node several times. We currently use the value of CommitTimeout which is sane for it. Adding a new option does not seem to add more flexibility IMO. Once we get the patches to notify user changes via ctnetlink and the netlink flag NLM_F_ECHO works, we may directly invoke a massive purge of the entries, however, such solution would still need evaluation. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'src/main.c')
1 files changed, 4 insertions, 0 deletions
diff --git a/src/main.c b/src/main.c
index 084643c..a4c5451 100644
--- a/src/main.c
+++ b/src/main.c
@@ -148,6 +148,10 @@ int main(int argc, char *argv[])
set_operation_mode(&type, REQUEST, argv);
action = SEND_BULK;
+ case 't':
+ set_operation_mode(&type, REQUEST, argv);
+ action = RESET_TIMERS;
+ break;
case 'k':
set_operation_mode(&type, REQUEST, argv);
action = KILL;