In certain cases, the conntrack machine does not know how to handle a specific
protocol. This happens if it does not know about that protocol in particular,
or doesn't know how it works. In these cases, it goes back to a default
behavior. The default behavior is used on, for example,
NETBLT, MUX and
EGP. This behavior looks pretty much the
same as the UDP connection tracking. The first packet
is considered NEW, and reply traffic and so forth is
considered ESTABLISHED.
When the default behavior is used, all of these packets will attain the same
default timeout value. This can be set via the
/proc/sys/net/ipv4/netfilter/ip_ct_generic_timeout
variable. The default value here is 600 seconds, or 10 minutes. Depending
on
what traffic you are trying to send over a link that uses the default
connection tracking behavior, this might need changing. Especially if you are
bouncing traffic through satellites and such, which can take a long time.
