From: Kenn Humborg (kenn at domain bluetree.ie)
Date: Tue 11 Jul 2000 - 14:08:40 IST
>
> > On linux 2.0.x set the IP masq timeout to just over 3 hours:
> > # ipfwadm -M -s 11000 0 0
>
> why set the others to zero.
See man ipfwadm. A value of 0 means "don't alter the
current value".
> > On linux 2.2.x, set the TCP keepalive timer to just under
> > 15 mins:
> > # echo 870 > /proc/sys/net/ipv4/tcp_keepalive_time
> >
> > As Kate would so eloquently say: mutter, mutter...
>
> we just had our 2.0.36 based masq gateway run out of ports.
Nasty...
> Is there any way to see/adjust the port range used for masq.
I'd guess that a re-compile would be in order.
> Can you adjust the timeout on a per connection basis (ie only bother for
> ssh sessions )
No. You might be able to with the new, improved, 25% extra
free ipfilter stuff in 2.4. I don't know anything about this.
Later,
Kenn
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:06:50 GMT