To all,

I've got a FreeBSD system (4.10-RELEASE) with ipfilter compiled into the kernel. I'm trying to set a few sysctl values via /etc/sysctl.conf, but they don't seem to have any effect. Specifically, here's what I've put in my sysctl.conf file:

    net.inet.ipf.fr_tcpidletimeout=7200
    net.inet.ipf.fr_tcpclosewait=120
    net.inet.ipf.fr_tcplastack=120
    net.inet.ipf.fr_tcptimeout=240
    net.inet.ipf.fr_tcpclosed=60
    net.inet.ipf.fr_tcphalfclosed=300
    net.inet.ipf.fr_udptimeout=90
    net.inet.ipf.fr_icmptimeout=35

These settings are not applied when the system is restarted. Furthermore, I see the following when I try by hand:

    # sysctl net.inet.ipf.fr_tcpidletimeout=7200
    net.inet.ipf.fr_tcpidletimeout: 864000
    sysctl: net.inet.ipf.fr_tcpidletimeout: Device busy

So, am I missing something? Do I need to do something special to override these values when ipfilter is compiled into the kernel?

Any assistance would be greatly appreciated.

Matt.
