ipfw dynamic rule timeout
Markie
markie at notwentytwo.freeserve.co.uk
Sat Apr 26 08:58:25 PDT 2003
You probably need IPFW2 for this =OP
Step 1)
Either add IPFW2=true to /etc/make.conf and then do a make buildworld
procedure or just recompile /usr/src/sbin/ipfw and /usr/src/lib/libalias
with IPFW2 defined like this...
# cd /usr/src/sbin/ipfw
# make clean
# make -DIPFW2
# make install
# cd /usr/src/libexec/libalias
# make clean
# make -DIPFW2
# make install
Assuming you still have the same source tree as your current userland
binarys the second option of just recompiling those two things will save
alot of time :)
Step 2)
Recompile your kernel with 'options IPFW2' and reboot.
root at bone:~# sysctl net.inet.ip.fw.dyn_keepalive
net.inet.ip.fw.dyn_keepalive: 1
Markie
----- Original Message -----
From: "Antoine Jacoutot" <ajacoutot at lphp.org>
To: <jfm at blueyonder.co.uk>
Cc: <questions at FreeBSD.ORG>
Sent: Saturday, April 26, 2003 4:48 PM
Subject: Re: ipfw dynamic rule timeout
> On Saturday 26 April 2003 17:26, John Murphy wrote:
> > >So I tried to following command and got this error:
> > ># sysctl net.inet.ip.fw.dyn_keepalive=1
> > >sysctl: unknown oid 'net.inet.ip.fw.dyn_keepalive'
> > >Anyone has an idea how to increase the default timeout value.
> >
> > Probably not much help to you, but you could try:
> > sysctl -a | grep keepalive
> > to see what is available. The only one I see on 4.8 is:
> > net.inet.tcp.always_keepalive: 1
> > I'm not actually using ipfw though.
>
> I'm having the exact same output as you... which means I can't set
> net.inet.ip.fw.dyn_keepalive.
> Thanks anyway for the answer. I hope I could find a solution for this.
>
> Antoine
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list