Greetings one and all,
OK, I've been using my home network a bit more lately and a couple (well at
least one) of things don't quite seem to gel with my filters so ...
First my filters are pretty much just the standard.filter with 0.99.3 apart
from a few minor changes to times and, (I think) one addition. I've attached
them at the end.
AN ANNOYING THING
OK pop brings the link up. ie:
Trigger: tcp 192.168.3.50/1035 203.26.10.16/110
I don't have a specific POP rule so I would expect the link to stay up for
10 minutes because of this rule:
# If we don't catch it above, give the link 10 minutes up time.
accept tcp 600 any
But it doesn't. In the Trigger example above there was no mail to pick up
and the link dropped out in 1.0 minute.
Now I suspect that the reason for this is that these rules (which come
before the tcp catch all) are overriding the accept tcp 600 any rule. Any
thoughts ???
# Once the link is no longer live, we try to shut down the connection
# quickly. Note that if the link is already down, a state change
# will not bring it back up.
keepup tcp 5 !tcp.live
ignore tcp !tcp.live
Now if this IS the case then why don't they also override say a www
connection once the link becomes innactive ? Is it because the above rules
and the "tcp any" rule don't have any identifiers apart from protocol and so
get placed in the same set ? ie. diald-examples says: "If <id> is already in
the set, ... new ... will replace ... old ... the new timeout may be less
than the old ...".
In that case I have changed my catch all to be 10 minutes which I would
guess is a waste of time since once it's finished the drop off rule will
supercede it.
If I am right I guess the only solution if I want POP to keep the link up
for 10 minutes, say, would be to specifically add it. Correct ?
Any comments, confirmations or suggestions ??????
ANOTHER MINOR NIGLING THING
I know there has been a fair bit of discussion about this one. In fact too
much to trawl through it all and summarise the conclusions. So I'm hoping
someone has been involved in examining this and can sum up what the results
were.
My link comes up initailly on bootup with a domain packet such as this:
Trigger: udp 192.168.3.49/1024 128.63.2.53/53
Anyone have an idea what is bringing it up in RH6.1 ? (BTW: RH6.1). It's
only on boot up so it's not really a problem ... the 20 cents isn't going to
break me but it all adds up after a while.
thanks,
Wilson Fletcher
standard.filter
