Nelson Minar <[EMAIL PROTECTED]> wrote:
>
> One question though - why do TCP masquerade entries time out in 15
> minutes?
It's just the default timeout.
I think the masq developers just assumed that TCP connections should
have data moving most of the time. Sometimes they don't, though. FTP
control connections are a really good example. :)
You can change the timeouts in 2.0 with "ipfwadm -M -s".
In the 2.1 kernel, you're supposed to be able to to change the timeouts
with "ipchains -M -S", but I recently found that this doesn't work at
all. The ipfw-ioctl that ipchains uses causes an update to a table that
isn't used for anything. Fun, those development kernels. :)
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Her lips said 'No,' but her
sometimes known as David DeSimone || eyes said 'Read my lips!'"
http://www.dallas.net/~fox/ ||
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
