>Okay, I've been looking for information on how to stop the timer for certain
>port timeouts when using masquerading. The timer is found in
>/proc/net/ip_masquerade and I simply do not want connections such as SSH to
>time out. Has anyone figured out a parameter or rule I can set to stop this
>from happening?
Jason, I'm not aware of any way to set different timings PER protocol.
What I usually do is put this in my IPFWADM ruleset:
--
echo "Changing IP MASQ Timeouts.."
/sbin/ipfwadm -M -s 7200 10 120
--
This sets a 2 hour tcp session time-out
10 second time-out after the fin is received
120 second time-out for udp packets
--David
.----------------------------------------------------------------------------.
| David A. Ranch - Remote Access/Linux/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
