Date: Thu, 01 Nov 2001 14:14:35 +0200 From: Sheldon Hearn <sheldonh@starjuice.net> To: freebsd-questions@FreeBSD.org, ru@FreeBSD.org Subject: Re: Protocol-specific dynamic IPFW rule lifetimes? Message-ID: <76269.1004616875@axl.seasidesoftware.co.za> In-Reply-To: Your message of "Thu, 01 Nov 2001 13:49:26 %2B0200." <76018.1004615366@axl.seasidesoftware.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 01 Nov 2001 13:49:26 +0200, Sheldon Hearn wrote: > > I'm happy with the defaults for HTTP, SMTP and others. However, I'd > > like the dynamic rules used to service SSH, pcAnywhere and Microsoft > > Terminal Services to live _much_ longer. > > Just before people shoot the question down, I _do_ know about OpenSSH's > ClientAliveInterval and ClientAliveCountMax. Also, I've noticed that my SSH sessions time out after just 20 seconds of inactivity. Howcome they're not triggering fw.dyn_ack_lifetime, which is the default 300? Here are the relevant rules: add fwd 216.123.49.33 tcp from 216.123.49.36 22 to any established ... add allow tcp from any to 216.123.49.32/28 22 setup keep-state Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?76269.1004616875>