Quoting pacman (pacman-kernel@cqc.com):
> Steve Thompson writes the following:
> >I don't know about anyone else, but I find that the default value of
> >15 minutes for IP_MASQ_S_ESTABLISHED seems a little short. I may be slightly
>
> Isn't this the same variable that is set by ipfwadm -M -s ...?
Well, I have had "ipchains -M -S 7200 0 3600" in my startup scripts for ages.
The documentation states that the parameters are for "TCP sessions, TCP
sessions after receiving a FIN packet, and UDP packets". Since the 7200 value
was certainly not working, I figured that something else was wrong ... and
that appears to be the case. I just executed "ipchains -M -S 20 0 0", logged
in to a remote host, and waited thirty seconds. The connection did not go
away, as I assume it should.
I admit the possibility that I am doing something wrong, but I can't imagine
what that would be.
[ After sending off a reply to pacman, another message indicated that the
feature was broken in the 2.1 series, though I have had this problem under 2.0
as well.]
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/