Re: [m0n0wall] UDP port session time out

From:	Manuel Kasper <mk at neon1 dot net>
To:	Lloyd Aloysius <lloyd dot aloysius at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] UDP port session time out
Date:	Fri, 30 Nov 2012 13:39:26 +0100

On 30.11.2012, at 06:11, Lloyd Aloysius <lloyd dot aloysius at gmail dot com> wrote:

> What is the default UDP port  session time out ? I am using most recent
> version 1.34

Two minutes (or one minute if there hasn't been a reply from the other side).

> How can I alter the UDP port  session time out?

You should be able to do it by adding the following tags to the <system> section of config.xml
(order is important):

<earlyshellcmd>/sbin/ipf -D</earlyshellcmd>
<earlyshellcmd>/sbin/sysctl net.inet.ipf.fr_udptimeout=600</earlyshellcmd>
<earlyshellcmd>/sbin/sysctl net.inet.ipf.fr_udpacktimeout=600</earlyshellcmd>
<earlyshellcmd>/sbin/ipf -E</earlyshellcmd>

Replace 600 by the desired value in seconds times two (i.e. 600 gives 5 minutes due to the way
ipfilter measures the time).

See also <http://doc.m0n0.ch/handbook/faq-hiddenopts.html>

- Manuel