'Re[2]: UDP keep state closing after 1 reply?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re[2]: UDP keep state closing after 1 reply?
From:       Igor Podlesny <subscr () morning ! ru>
Date:       2001-04-29 9:10:37
[Download RAW message or body]



> Darren Reed wrote:
>> 3.4.17 introduced a variable called "fr_udpacktimeout".
>> 
>> It defaults to 12 seconds.
>> That sets the timeout on UDP state entries for "reply" packets.

> If you use FreeBSD you can use the following patch to modify these timeouts
> using sysctl (otherwise you have to patch the source).

> Frank

suggest commiting it to the sources :)


> diff -ru ip_fil3.4.17.dist/ip_state.h ip_fil3.4.17.sysctl/ip_state.h
> --- ip_fil3.4.17.dist/ip_state.h        Wed Aug 23 13:01:31 2000
> +++ ip_fil3.4.17.sysctl/ip_state.h      Wed Apr 18 19:39:10 2001
> @@ -175,7 +175,9 @@
>  extern u_long  fr_tcpclosed;
>  extern u_long  fr_tcphalfclosed;
>  extern u_long  fr_udptimeout;
> +extern u_long  fr_udpacktimeout;
>  extern u_long  fr_icmptimeout;
> +extern u_long  fr_icmpacktimeout;
>  extern int     fr_state_lock;
>  extern int     fr_stateinit __P((void));
>  extern int     fr_tcpstate __P((ipstate_t *, fr_info_t *, ip_t *, tcphdr_t *));
> diff -ru ip_fil3.4.17.dist/mlf_ipl.c ip_fil3.4.17.sysctl/mlf_ipl.c
> --- ip_fil3.4.17.dist/mlf_ipl.c Mon Nov 27 11:44:46 2000
> +++ ip_fil3.4.17.sysctl/mlf_ipl.c       Wed Apr 18 21:42:41 2001
> @@ -110,8 +110,12 @@
>            &fr_tcpclosed, 0, "");
>  SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_udptimeout, CTLFLAG_RW,
>            &fr_udptimeout, 0, "");
> +SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_udpacktimeout, CTLFLAG_RW,
> +          &fr_udpacktimeout, 0, "");
>  SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_icmptimeout, CTLFLAG_RW,
>            &fr_icmptimeout, 0, "");
> +SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_icmpacktimeout, CTLFLAG_RW,
> +          &fr_icmpacktimeout, 0, "");
>  SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_defnatage, CTLFLAG_RW,
>            &fr_defnatage, 0, "");
>  SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_ipfrttl, CTLFLAG_RW,
> diff -ru ip_fil3.4.17.dist/mlfk_ipl.c ip_fil3.4.17.sysctl/mlfk_ipl.c
> --- ip_fil3.4.17.dist/mlfk_ipl.c        Sat Nov 18 04:58:29 2000
> +++ ip_fil3.4.17.sysctl/mlfk_ipl.c      Wed Apr 18 19:37:56 2001
> @@ -76,8 +76,12 @@
>            &fr_tcphalfclosed, 0, "");
>  SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_udptimeout, CTLFLAG_RW,
>            &fr_udptimeout, 0, "");
> +SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_udpacktimeout, CTLFLAG_RW,
> +          &fr_udpacktimeout, 0, "");
>  SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_icmptimeout, CTLFLAG_RW,
>            &fr_icmptimeout, 0, "");
> +SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_icmpacktimeout, CTLFLAG_RW,
> +          &fr_icmpacktimeout, 0, "");
>  SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_defnatage, CTLFLAG_RW,
>            &fr_defnatage, 0, "");
>  SYSCTL_INT(_net_inet_ipf, OID_AUTO, fr_ipfrttl, CTLFLAG_RW,



-- 
 Igor                            mailto:poige@morning.ru

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic