[OpenAFS] Connection time out
Derek Atkins
warlord@MIT.EDU
02 Jul 2002 09:47:51 -0400
Umm, "ipchains -M -S" has no equivalent in netfilter? That seems
like a bug.
-derek
tino.schwarze@informatik.tu-chemnitz.de (Tino Schwarze) writes:
> On Mon, Jul 01, 2002 at 03:33:33PM -0400, Derek Atkins wrote:
> > > Yes, I am behind a NAT, and I have directed port 7001 directly to my
> > > workstation. Is it possible to prevent the port mappings from time out?
> >
> > Set the UDP timeouts to >10mins. How you do this depends on your
> > NAT box.
>
> Just for general information (before someone else starts searching) - on
> Linux 2.4.x (with netfilter code), there seems to be no way to alter
> masquerading timeouts. Neither using the ipchains nor the iptables
> command. The appropiate procedures are simply not implemented (as of
> kernel 2.4.17).
>
> To increase the UDP timeout, edit
> /usr/src/linux/net/ipv4/netfilter/ip_conntrack_proto_udp.c
> and change the "#define UDP_STREAM_TIMEOUT" at the beginning of that file.
>
> I've been using such a modified kernel for quite a while now.
>
> HTH! Tino.
>
> --
> * LINUX - Where do you want to be tomorrow? *
> http://www.tu-chemnitz.de/linux/tag/
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available