On Thu, Aug 28, 2008 at 11:48 AM, Phibee Network Operation Center <[EMAIL PROTECTED]> wrote: > Prasanna Krishnamoorthy a écrit : > > On Thu, Aug 28, 2008 at 10:58 AM, Phibee Network Operation Center > <[EMAIL PROTECTED]> wrote: > > > Hi > > i am search the solution into shorewall for increase the wait tcp time > into the nat for ActiveSync Push Mail. > > > >From a cursory look, this seems to be more for a HTTP(s) proxy, than > shorewall. But if you mean iptables keeping the "natted tcp > connection" alive, then you're looking for > ip_conntrack_tcp_timeout_established > > > Hi > > thanks for your answer, i don't have proxy on this firewall and it's > Internet => DMZ. > > Where i can find the ip_conntrack_tcp_timeout_established option ? /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established
To see whether your problem is because of expiring connections, do "shorewall show connections" first. See if the connection to your "ActiveSync" server is actually established and timing out. Prasanna. -- Want to manage multiple office networks? Want to securely connect all your locations? Want to do it in a budget? www.elinanetworks.com ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
