Date: Tue, 29 Mar 2022 17:51:19 -0300 From: Cristian Cardoso <cristian.cardoso11@gmail.com> To: mike tancsa <mike@sentex.net> Cc: FreeBSD PF List <freebsd-pf@freebsd.org> Subject: Re: PF session ttl Message-ID: <CAKeEC-LbLX=knm8%2BSpps%2BvhWWrRy%2BRUGhGg_hW3vCQQwR0xqbg@mail.gmail.com> In-Reply-To: <558dfec2-031a-feb6-dc2f-f9fc83205896@sentex.net> References: <CAKeEC-KZc2Uh46KnYyXAeXCULWGgg3VkW036H08u3-5MF9qGeA@mail.gmail.com> <558dfec2-031a-feb6-dc2f-f9fc83205896@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--000000000000e2f0b705db6197c4 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thanks for the command. But actually I wanted to know if there is a "default" value, what is its value and if it is configurable. Em ter., 29 de mar. de 2022 =C3=A0s 17:48, mike tancsa <mike@sentex.net> escreveu: > On 3/29/2022 4:30 PM, Cristian Cardoso wrote: > > Hi > > Guys, does anyone happen to know how to tell me the value of session > > ttl that PF uses to terminate sessions that are via statefull? > > Are you looking for when a state expires ? If so, try > > pfctl -ss -v -v > > it will show you when it expires > > e.g > > all tcp 192.168.96.1:22 (10.159.159.249:24) <- 192.168.1.89:64660 > SYN_SENT:ESTABLISHED > [997609076 + 2097152] wscale 6 [2771445293 + 16777472] wscale 2 > age 00:00:00, expires in 00:00:30, 1:1 pkts, 52:52 bytes > id: 90d5c76500000000 creatorid: 7b2b3e4b gateway: 0.0.0.0 > origif: vlan9 > > ---Mike > > --000000000000e2f0b705db6197c4 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">Thanks for the command. But actually I wanted to know if t= here is a "default" value, what is its value and if it is configu= rable.<br></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gm= ail_attr">Em ter., 29 de mar. de 2022 =C3=A0s 17:48, mike tancsa <<a hre= f=3D"mailto:mike@sentex.net">mike@sentex.net</a>> escreveu:<br></div><bl= ockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-lef= t:1px solid rgb(204,204,204);padding-left:1ex">On 3/29/2022 4:30 PM, Cristi= an Cardoso wrote:<br> > Hi<br> > Guys, does anyone happen to know how to tell me the value of session <= br> > ttl that PF uses to terminate sessions that are via statefull?<br> <br> Are you looking for when a state expires ? If so, try<br> <br> pfctl -ss -v -v<br> <br> it will show you when it expires<br> <br> e.g<br> <br> all tcp <a href=3D"http://192.168.96.1:22" rel=3D"noreferrer" target=3D"_bl= ank">192.168.96.1:22</a> (<a href=3D"http://10.159.159.249:24" rel=3D"noref= errer" target=3D"_blank">10.159.159.249:24</a>) <- <a href=3D"http://192= .168.1.89:64660" rel=3D"noreferrer" target=3D"_blank">192.168.1.89:64660</a= >=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 <br> SYN_SENT:ESTABLISHED<br> =C2=A0=C2=A0=C2=A0 [997609076 + 2097152] wscale 6=C2=A0 [2771445293 + 16777= 472] wscale 2<br> =C2=A0=C2=A0=C2=A0 age 00:00:00, expires in 00:00:30, 1:1 pkts, 52:52 bytes= <br> =C2=A0=C2=A0=C2=A0 id: 90d5c76500000000 creatorid: 7b2b3e4b gateway: 0.0.0.= 0<br> =C2=A0=C2=A0=C2=A0 origif: vlan9<br> <br> =C2=A0=C2=A0=C2=A0=C2=A0 ---Mike<br> <br> </blockquote></div> --000000000000e2f0b705db6197c4--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKeEC-LbLX=knm8%2BSpps%2BvhWWrRy%2BRUGhGg_hW3vCQQwR0xqbg>