Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 26 Apr 2003 16:58:43 +0100
From:      "Markie" <markie@notwentytwo.freeserve.co.uk>
To:        "Antoine Jacoutot" <ajacoutot@lphp.org>, <freebsd-questions@freebsd.org>
Subject:   Re: ipfw dynamic rule timeout
Message-ID:  <002c01c30c0c$c16d4310$f300a8c0@mrblossom>
References:  <200304261621.44416.ajacoutot@lphp.org><mu8lav04c0lfbbsjhu32vfpp0inhfefsca@4ax.com> <200304261748.35556.ajacoutot@lphp.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
You probably need IPFW2 for this =OP

Step 1)
Either add IPFW2=true to /etc/make.conf and then do a make buildworld
procedure or just recompile /usr/src/sbin/ipfw and /usr/src/lib/libalias
with IPFW2 defined like this...

# cd /usr/src/sbin/ipfw
# make clean
# make -DIPFW2
# make install
# cd /usr/src/libexec/libalias
# make clean
# make -DIPFW2
# make install

Assuming you still have the same source tree as your current userland
binarys the second option of just recompiling those two things will save
alot of time :)

Step 2)
Recompile your kernel with 'options IPFW2' and reboot.

root@bone:~# sysctl net.inet.ip.fw.dyn_keepalive
net.inet.ip.fw.dyn_keepalive: 1

Markie

----- Original Message -----
From: "Antoine Jacoutot" <ajacoutot@lphp.org>
To: <jfm@blueyonder.co.uk>
Cc: <questions@FreeBSD.ORG>
Sent: Saturday, April 26, 2003 4:48 PM
Subject: Re: ipfw dynamic rule timeout


> On Saturday 26 April 2003 17:26, John Murphy wrote:
> > >So I tried to following command and got this error:
> > ># sysctl net.inet.ip.fw.dyn_keepalive=1
> > >sysctl: unknown oid 'net.inet.ip.fw.dyn_keepalive'
> > >Anyone has an idea how to increase the default timeout value.
> >
> > Probably not much help to you, but you could try:
> > sysctl -a | grep keepalive
> > to see what is available.  The only one I see on 4.8 is:
> > net.inet.tcp.always_keepalive: 1
> > I'm not actually using ipfw though.
>
> I'm having the exact same output as you... which means I can't set
> net.inet.ip.fw.dyn_keepalive.
> Thanks anyway for the answer. I hope I could find a solution for this.
>
> Antoine
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002c01c30c0c$c16d4310$f300a8c0>