Date: Tue, 20 Sep 2016 09:15:54 -0700 From: Julian Elischer <julian@freebsd.org> To: "freebsd-ipfw@freebsd.org" <Freebsd-ipfw@freebsd.org> Subject: Re: ipfw table expiry.. how to do it..? Message-ID: <73e735d6-04cb-3e88-594c-b4e63b2971d7@freebsd.org> In-Reply-To: <b8abd54d-a83c-d85f-dc93-888677eb6e30@elischer.org> References: <b8abd54d-a83c-d85f-dc93-888677eb6e30@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/09/2016 8:03 PM, Julian Elischer wrote: > > Unfortunately we don't have any timers on table entries, so it's not > possible to see how long an entry has been in use, or idle. > > > If I were to ha ve a captive portal, which placed the address of > 'allowed' hosts into a table, we would have no way to time them out > when they go idle. The omly thing you can do is throw away all the > entries at some time, and force them to all log in again. > > Does anyone have any patches to add "access time" to table entries? > > > I'm guessing the way it would need to be done now would be to use > dynamic rules and having the syn packet of every session sent to > no takers?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?73e735d6-04cb-3e88-594c-b4e63b2971d7>