From owner-freebsd-ipfw Mon Oct 23 21:30:42 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 0AD7B37B4C5 for ; Mon, 23 Oct 2000 21:30:41 -0700 (PDT) Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Mon, 23 Oct 2000 21:29:22 -0700 Received: (from cjc@localhost) by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id e9O4UbH12535 for freebsd-ipfw@freebsd.org; Mon, 23 Oct 2000 21:30:37 -0700 (PDT) (envelope-from cjc) Date: Mon, 23 Oct 2000 21:30:37 -0700 From: "Crist J . Clark" To: freebsd-ipfw@freebsd.org Subject: sysctl(8) Used? Message-ID: <20001023213037.P75251@149.211.6.64.reflexcom.com> Reply-To: cjclark@alum.mit.edu Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I wanted to up the lifetime of dynamic rules for UDP "connections." My ISP's DNS servers time out after one minute causing a lot of log spam. No problem, I figured I'd up the lifetime of the dynamic rules to, say, 65 seconds just to be sure. First off, I had to figure out which sysctl to change since there is no UDP setting. After looking through the source, I found that 'dyn_short_lifetime' was what I wanted to change. So, I did, # sysctl -w net.inet.ip.fw.dyn_short_lifetime=65 But then I realized it didn't make any changes. The sysctl values do not seem to be used. # sysctl -a | fgrep short net.inet.ip.fw.dyn_short_lifetime: 65 # nslookup www.freebsd.org >& /dev/null & ipfw sh | awk '/^## Dynamic rules:/ { go = 1 } ( go && $5 != "0," ) { print }' [1] 12486 ## Dynamic rules: 10300 0 0 (T 30, # 165) ty 0 udp, 64.6.211.149 3607 <-> 64.6.204.18 53 Looking again at the code, I can't see exactly why this has no effect. I'm a bit puzzled. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message