From owner-freebsd-questions@FreeBSD.ORG Sat Apr 26 07:21:47 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E71B837B407 for ; Sat, 26 Apr 2003 07:21:47 -0700 (PDT) Received: from mx1.lphp.org (APastourelles-107-1-7-10.abo.wanadoo.fr [217.128.208.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 45FB143F93 for ; Sat, 26 Apr 2003 07:21:46 -0700 (PDT) (envelope-from ajacoutot@lphp.org) Received: from sta01 (sta01.lphp.org.local [192.168.0.4]) by mx1.lphp.org (8.12.8p1/8.12.8) with ESMTP id h3QELiKd031281 for ; Sat, 26 Apr 2003 16:21:44 +0200 (CEST) (envelope-from ajacoutot@lphp.org) From: Antoine Jacoutot To: Date: Sat, 26 Apr 2003 16:21:44 +0200 User-Agent: KMail/1.5.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200304261621.44416.ajacoutot@lphp.org> Subject: ipfw dynamic rule timeout X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Apr 2003 14:21:48 -0000 Hi ! I'm having a problem with ipfw and dynamic rules timeout. For exemple, when I ssh to a distant machine, if I don't type anything for like 30 seconds, the connexion is dropped. I read this in ipfw man page: "Dynamic rules expire after some time, which depends on the status of the flow and the setting of some sysctl variables. See Section SYSCTL VARIABLES for more details. For TCP sessions, dynamic rules can be instructed to periodically send keepalive packets to refresh the state of the rule when it is about to expire." So I tried to following command and got this error: # sysctl net.inet.ip.fw.dyn_keepalive=1 sysctl: unknown oid 'net.inet.ip.fw.dyn_keepalive' Anyone has an idea how to increase the default timeout value. Thanks in advance. Antoine