Hi,

There are hosts in my LAN behind a Shorewall FW that need to keep Oracle connections alive (tcp 1521) with other hosts that are behind a remote Fortinet Fortiguard FW.

The Fortinet admin has set the following in his FW:

    set protocol 6
    set timeout 28800
    set start-port 1521
    set end-port 1521

I don't know how to translate "set timeout 28800" to Shorewall/iptables on Linux. I've searched for timeouts and keepalives at OS level with sysctl such as:

    net.ipv4.tcp_keepalive_intvl = 75
    net.ipv4.tcp_keepalive_probes = 9
    net.ipv4.tcp_keepalive_time = 7200

but I believe that wouldn't necessarily apply here in the case of a Shorewall router, or would it? Also, I don't want to change any global OS settings, but I'd rather stick to just tcp 1521.

I didn't see anything in shorewall about keepalives or connection timeouts except rate limiting in the rules file and TTL in the mangle file. Nothing that seems to apply to the topic at hand.

Any suggestions?

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users