Date: Sat, 26 Apr 2003 16:26:45 +0100 From: John Murphy <jfm@blueyonder.co.uk> To: Antoine Jacoutot <ajacoutot@lphp.org> Cc: questions@FreeBSD.ORG Subject: Re: ipfw dynamic rule timeout Message-ID: <mu8lav04c0lfbbsjhu32vfpp0inhfefsca@4ax.com> In-Reply-To: <200304261621.44416.ajacoutot@lphp.org> References: <200304261621.44416.ajacoutot@lphp.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Antoine Jacoutot <ajacoutot@lphp.org> wrote: >Hi ! > >I'm having a problem with ipfw and dynamic rules timeout. >For exemple, when I ssh to a distant machine, if I don't type anything = for=20 >like 30 seconds, the connexion is dropped. >I read this in ipfw man page: > >"Dynamic rules expire after some time, which depends on the status of = the >flow and the setting of some sysctl variables. See Section SYSCTL >VARIABLES for more details. For TCP sessions, dynamic rules can be >instructed to periodically send keepalive packets to refresh the state = of >the rule when it is about to expire." > >So I tried to following command and got this error: ># sysctl net.inet.ip.fw.dyn_keepalive=3D1 >sysctl: unknown oid 'net.inet.ip.fw.dyn_keepalive' > >Anyone has an idea how to increase the default timeout value. Probably not much help to you, but you could try: sysctl -a | grep keepalive to see what is available. The only one I see on 4.8 is: net.inet.tcp.always_keepalive: 1 I'm not actually using ipfw though. John.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?mu8lav04c0lfbbsjhu32vfpp0inhfefsca>