Date: Mon, 14 Jan 2002 10:23:51 +0100 From: Richard Nyberg <rnyberg@it.su.se> To: Nate Williams <nate@yogotech.com> Cc: Ian <freebsd@damnhippie.dyndns.org>, Rolandas Naujikas <rolnauj@delfi.lt>, stable@FreeBSD.ORG Subject: Re: tcp keepalive and dynamic ipfw rules Message-ID: <20020114102351.A31319@gromit.it.su.se> In-Reply-To: <15424.33362.685365.782853@caddis.yogotech.com>; from nate@yogotech.com on Sat, Jan 12, 2002 at 11:37:06AM -0700 References: <20020112123054.A20486@localhost> <B865C95B.911F%freebsd@damnhippie.dyndns.org> <15424.33362.685365.782853@caddis.yogotech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> # Allow me to make TCP connections > ipfw add pass tcp from me to any setup > ipfw add pass tcp from any to any established IIRC it's better to use dynamic (keep-state and check-state) rules instead, because they check more state than the static. My solution to keep my ssh sessions from hanging because I made a cup of coffe was to up the syctl MIB 'net.inet.ip.fw.dyn_ack_lifetime' to a more reasonable value. -Richard To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020114102351.A31319>