living with masq

Devon Bleak devon at
Fri Mar 23 17:03:10 EST 2001

since i started using the masq code from iptables/kernel 2.4, i haven't had
any problems with sessions timing out, even after leaving them idle over
night or all day.

with ipchains/kernel 2.2, i just set the timeouts on tcp connections to be
something like 4 hours (default is 15 minutes), which i found was more than
enough, but is configurable beyond even that.


----- Original Message -----
From: "Leon Brooks" <leon at>
To: <openssh-unix-dev at>
Sent: Thursday, March 22, 2001 9:36 PM
Subject: living with masq

> I'm on too many lists already, so haven't joined this one. If you have
> things that I really need to know, please reply or CC me off-list.
> I often work through masqueraded (NAT) links, and find that the
> following patch is able to keep an idle ssh link up where nothing else
> will. Please consider making it a part of the main ssh package.
> I understand that Linux-Mandrake, starting with the updates to their
> distribution release number 7.2, includes this patch routinely. I myself
> have never had a problem with it. Does it do anything nasty to other
> (non-Linux) systems?
> --
> "I think that's how Chicago got started. A bunch of people in New York
> said, 'Gee, I'm enjoying the crime and the poverty, but it just isn't
> cold enough. Let's go west.'" -- Richard Jeni

More information about the openssh-unix-dev mailing list