Use min(idle/2, 50ms) so very short idle timeouts (mainly in tests) are
caught within one tick; the 50ms cap still keeps detection latency bounded
for long idle values without needlessly frequent wakeups.
- netrelay: only propagate CloseWrite on clean io.EOF; cancel both sides
on any other copy error so a short write, reset, or broken pipe can't
leave the opposite direction blocked.
- TestTCPCapPrefersTombstonedForEviction: assert both live pre-cap
entries survive, not just that the tombstone is gone, so a regression
that evicts a live entry instead of the tombstone is caught.
- netrelay: replace per-direction read-deadline idle tracking with a
single connection-wide watchdog that observes activity on both sides,
so a long one-way transfer no longer trips the timeout on the quiet
direction. IdleTimeout==0 remains a no-op (SSH and uspfilter forwarder
call sites pass zero); only the reverse-proxy router sets one.
- netrelay tests: bound blocking peer reads/writes with deadlines so a
broken relay fails fast; add a lower-bound assertion on the idle-timeout
test.
- conntrack cap tests: assert that the newest flow is admitted and an
early flow was evicted, not just that the table stayed under the cap.
- ssh client RemotePortForward: bound the localAddr dial with a 10s
timeout so a black-holed address can't pin the accepted channel open.
