Date: Mon, 26 Jun 1995 14:17:41 +0900 From: Atsushi Murai <amurai@spec.co.jp> To: jkh@freebsd.org Cc: hackers@freebsd.org, daev@internet-eireann.ie Subject: Re: ij-ppp "problem" Message-ID: <9506260517.AA00073@tama3.spec.co.jp.spec.co.jp> In-Reply-To: <389.804141661@whisker.internet-eireann.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
"Jordan K. Hubbard" <jkh@freebsd.org> wrote: :I don't suppose there's a special filter for dealing with this without :also denying SMTP connections altogether? (that would be bad). If :not, would the ijppp designers perhaps consider a new type of filter :for designating packets that don't change the timeout counter? I'm :not talking about `dfilter', which prohibits a packet from triggering :_dialing_, I'm talking about a filter which says "accept this packet, :but don't bias the timeout with it - if nothing BUT these packets come :in you can still hang up the line when the timer expires." : :Just an idea.. It would allow me to work-around this problem, at :least.. I think you can set up by "afilter - keep alive filter" right now. This filter will never reset idletimer count with deny keyword even it's allow by ofilter. I did implement this filter against original for doing such a case. Here is example for you. # # Don't keep Alive with ICMP,DNS and SMTP packet # set afilter 0 deny icmp set afilter 1 deny udp src eq 520 set afilter 2 deny udp dst eq 520 set afilter 3 deny tcp dst eq 25 #set afilter 4 deny tcp src eq 25 estab set afilter 4 permit 0/0 0/0 :Thanks! Any time :-) : Jordan Atsushi. -- Atsushi Murai E-Mail: amurai@spec.co.jp SPEC Voice : +81-3-3833-5341 System Planning and Engineering Corp.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9506260517.AA00073>