[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  Darryl Okahata <darrylo at soco dot agilent dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] known issues with 1.2b3
 Date:  Fri, 4 Feb 2005 14:29:42 -0500
On Fri, 04 Feb 2005 10:36:16 -0800, Darryl Okahata
<darrylo at soco dot agilent dot com> wrote:
> Manuel Kasper <mk at neon1 dot net> wrote:
> 
> > That's because as of 1.2b2, the TCP idle timeout for the firewall is
> > 2.5 hours instead of the ipfilter default of 10 days (!) to keep the
> > state table from filling up with dead connections. This value can be
> > modified on the advanced setup page, though it is not recommended to
> > do that. So of course if your SSH connection doesn't transfer a
> > single byte for two hours, the ipfilter state table entry is deleted
> > and the connection breaks. Try turning on keep-alive in your SSH
> > client.
> 
>      This needs to go into the documentation or the FAQ.  Otherwise,
> it'll keep on coming back.
> 
>      Again.
> 
>      And again.
> 

Already in my next commit.  :)

-Chris