On Sat, 14 Feb 2026 15:31:36 +0800
Yumei Huang
Frequent DNS queries over UDP from a container or guest can result in many sockets shown in ss(8), typically one per flow. This is expected and harmless, but it can make the output of ss(8) look noisy and potentially concern users.
This patch splits UDP flow timeouts into two, mirroring the Linux kernel, and sources the values from kernel parameters. The shorter timeout is applied to unidirectional flows and minimal bidirectional exchanges (single datagram and reply), while the longer timeout is used for bidirectional flows with multiple datagrams on either side.
Link: https://bugs.passt.top/show_bug.cgi?id=197
Suggested-by: Stefano Brivio
Signed-off-by: Yumei Huang
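The timeout selection rule described in the commit message, as an added illustrative example; this is not passt's code and not part of the thread. It assumes the kernel parameters meant are nf_conntrack_udp_timeout and nf_conntrack_udp_timeout_stream under /proc/sys/net/netfilter/ (with constructed fallbacks of 30 s and 120 s when they cannot be read), and reads "multiple datagrams on either side" as "bidirectional, with more than one datagram on at least one side", i.e. the complement of the single-datagram-and-reply case. The traces replayed in main() are constructed, not captured traffic.

```c
/* Added example, not passt's implementation: pick the short or long UDP
 * flow timeout from per-direction datagram counts, sourcing the values
 * from the conntrack sysctls (assumed) with constructed fallbacks. */
#include <stdio.h>
#include <string.h>

#define UDP_SYSCTL_DIR              "/proc/sys/net/netfilter/"
#define UDP_TIMEOUT_FALLBACK        30U   /* constructed fallback, seconds */
#define UDP_TIMEOUT_STREAM_FALLBACK 120U  /* constructed fallback, seconds */

struct udp_flow_counts {
	unsigned int fwd;	/* datagrams sent by the initiator */
	unsigned int rev;	/* datagrams sent back by the responder */
};

/* Read one integer sysctl; return 'fallback' if it is unreadable
 * (nf_conntrack not loaded, sandboxed process, non-Linux host). */
unsigned int udp_read_sysctl(const char *name, unsigned int fallback)
{
	char path[256];
	unsigned int v = fallback;
	FILE *f;

	snprintf(path, sizeof(path), UDP_SYSCTL_DIR "%s", name);
	f = fopen(path, "r");
	if (!f)
		return fallback;
	if (fscanf(f, "%u", &v) != 1)
		v = fallback;
	fclose(f);
	return v;
}

/* Rule from the commit message: short timeout for unidirectional flows
 * and for one datagram plus one reply; long ("stream") timeout once the
 * flow is bidirectional and at least one side sent more than one datagram
 * (assumed reading of "multiple datagrams on either side"). */
int udp_flow_is_stream(const struct udp_flow_counts *c)
{
	if (c->fwd == 0 || c->rev == 0)
		return 0;		/* unidirectional */
	if (c->fwd == 1 && c->rev == 1)
		return 0;		/* minimal exchange */
	return 1;
}

unsigned int udp_flow_timeout(const struct udp_flow_counts *c,
			      unsigned int short_t, unsigned int long_t)
{
	return udp_flow_is_stream(c) ? long_t : short_t;
}

/* Replay a constructed trace: '>' is a datagram from the initiator,
 * '<' a datagram from the responder; other characters are ignored. */
void udp_count_trace(const char *trace, struct udp_flow_counts *c)
{
	const char *p;

	c->fwd = c->rev = 0;
	for (p = trace; *p; p++) {
		if (*p == '>')
			c->fwd++;
		else if (*p == '<')
			c->rev++;
	}
}

/* Returns 1 if the flow described by 'trace' gets the long timeout. */
int udp_classify_trace(const char *trace)
{
	struct udp_flow_counts c;

	udp_count_trace(trace, &c);
	return udp_flow_is_stream(&c);
}

int main(void)
{
	unsigned int short_t = udp_read_sysctl("nf_conntrack_udp_timeout",
					       UDP_TIMEOUT_FALLBACK);
	unsigned int long_t = udp_read_sysctl("nf_conntrack_udp_timeout_stream",
					      UDP_TIMEOUT_STREAM_FALLBACK);
	/* Constructed traces: a lone DNS query, a burst with no answer,
	 * query + reply, and three exchanges that should count as streams. */
	const char *traces[] = { ">", ">>>", "><", "><>", ">><", "><><" };
	size_t i;

	printf("short=%us long=%us\n", short_t, long_t);
	for (i = 0; i < sizeof(traces) / sizeof(traces[0]); i++) {
		struct udp_flow_counts c;

		udp_count_trace(traces[i], &c);
		printf("%-6s -> %s (%us)\n", traces[i],
		       udp_flow_is_stream(&c) ? "stream" : "short",
		       udp_flow_timeout(&c, short_t, long_t));
	}
	return 0;
}
```

Run it on a host with nf_conntrack loaded to see the live sysctl values; elsewhere the fallbacks are used and the classification of each constructed trace is printed either way.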
Applied. The AppArmor policy changes work as expected, too. -- Stefano