It seems nobody has interest in this topic so far so therefore I edited the text and title a bit.
I always thought that connections in the connection tracker were removed after they reached level '0' in time.
I noticed some connections counted 00:00:01 - 00:00:02 - 00:00:03 and disappeared, but thought that was because the actual process must take a little longer than a couple of seconds and of course the clock never stops…
But now I actually see I also have many connections actually counting up. The longest ones are already reaching 16 hours!
This is not because the set time out for that connection is still not reached. udp for instance has max. (default) timeout of 3 hours. I have many udp connections running into 16 hours now!
But the counter should run down from the initial timeout setting to “0” and then the connection is removed. But I now see connections that, after reaching “0”, start counting up again. Like 00:00:03 - 00:00:02 - 00:00:01 - 00:00:00 - 00:00:01 - 00:00:02 - 00:00:03 etc etc. Some already reached 17:00:xx now?
Some of these have TCP state “established”, several have “syn received” or “syn sent”. UDP connections have no TCP state.
I have a 'feeling' most of these connections staying alive and counting up are P2P, although they are not all labelled as such, but that is possible since not all P2P is recognised.
Is there a way to have these connections dropped at their designated 'drop' time of “0”?
What process makes these connections stay alive longer than the “0” counter?
I find this all very weird, especially since I can’t find any info about it in the manual or Wiki and nobody mentions this in this forum.
R.