living with masq

Devon Bleak devon at admin2.gisnetworks.com
Fri Mar 23 17:03:10 EST 2001


since i started using the masq code from iptables/kernel 2.4, i haven't had
any problems with sessions timing out, even after leaving them idle over
night or all day.

with ipchains/kernel 2.2, i just set the timeouts on tcp connections to be
something like 4 hours (default is 15 minutes), which i found was more than
enough, but is configurable beyond even that.

devon


----- Original Message -----
From: "Leon Brooks" <leon at brooks.fdns.net>
To: <openssh-unix-dev at mindrot.org>
Sent: Thursday, March 22, 2001 9:36 PM
Subject: living with masq


> I'm on too many lists already, so haven't joined this one. If you have
> things that I really need to know, please reply or CC me off-list.
>
> I often work through masqueraded (NAT) links, and find that the
> following patch is able to keep an idle ssh link up where nothing else
> will. Please consider making it a part of the main ssh package.
>
>
http://chaos2.org/~jacob/code/openssh/patch-openssh-1.2.3-trans_inter-r3.gz
>
> I understand that Linux-Mandrake, starting with the updates to their
> distribution release number 7.2, includes this patch routinely. I myself
> have never had a problem with it. Does it do anything nasty to other
> (non-Linux) systems?
>
> --
> "I think that's how Chicago got started. A bunch of people in New York
> said, 'Gee, I'm enjoying the crime and the poverty, but it just isn't
> cold enough. Let's go west.'" -- Richard Jeni
>
>
>






More information about the openssh-unix-dev mailing list