ipfilter per rule ttl's not working?

bdb at north-eastham.org bdb at north-eastham.org
Tue Aug 26 12:25:42 PDT 2003

On Tue, Aug 26, 2003 at 08:48:40AM -0700, Sean Chittenden wrote:
> # ipf -Fa -f /etc/ipf.rules
> 693: invalid ttl (604800)
> :-/ One would think that 604800 would qualify as a decnumber.  Am I
> missing something or is this a documented non-feature?

ttl here specifies the Time-to-live (i.e., hop count) in the IP packet
header, something different altogether.  What you want is timeout; 
from what I understand, this cannot be changed per rule with ipf.

> -sc

"It is a very sad thing that nowadays there is so little useless
  information."  -- Oscar Wilde

More information about the freebsd-questions mailing list