[ previous ] [ next ] [ threads ]
 
 From:  Lloyd Aloysius <lloyd dot aloysius at gmail dot com>
 To:  Manuel Kasper <mk at neon1 dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] UDP port session time out
 Date:  Fri, 30 Nov 2012 11:45:32 -0500 
Hi Manuel:

Thank you for the answer. This is what I am looking for .

Thanks
Lloyd

*
*



On Fri, Nov 30, 2012 at 7:39 AM, Manuel Kasper <mk at neon1 dot net> wrote:

> On 30.11.2012, at 06:11, Lloyd Aloysius <lloyd dot aloysius at gmail dot com> wrote:
>
> > What is the default UDP port  session time out ? I am using most recent
> > version 1.34
>
> Two minutes (or one minute if there hasn't been a reply from the other
> side).
>
> > How can I alter the UDP port  session time out?
>
> You should be able to do it by adding the following tags to the <system>
> section of config.xml (order is important):
>
> <earlyshellcmd>/sbin/ipf -D</earlyshellcmd>
> <earlyshellcmd>/sbin/sysctl net.inet.ipf.fr_udptimeout=600</earlyshellcmd>
> <earlyshellcmd>/sbin/sysctl
> net.inet.ipf.fr_udpacktimeout=600</earlyshellcmd>
> <earlyshellcmd>/sbin/ipf -E</earlyshellcmd>
>
> Replace 600 by the desired value in seconds times two (i.e. 600 gives 5
> minutes due to the way ipfilter measures the time).
>
> See also <http://doc.m0n0.ch/handbook/faq-hiddenopts.html>
>
> - Manuel