On Wed, 20 May 1998, Karsten Jeppesen wrote:

> I may not have expressed myself clearly the first time. So here is the Q
> again...
> 
> When the modem connection fails it would be nice to be able to clear the
> masq table. Especially for those programs which require non-masq'ed
> ports, like CuSeeMe.
> Otherwise you aren't able to do another connection before the first table
> entry times out.
> The ipfwadm can only remove the rules not the entries themselves.
> 
> It should be possible to do with the connection-down and connection-up
> scripts for the pppd.
> 
> Does anyone know how to do it? I mean the contents of the up/down script?

        Try using "ipfwadm -M -s 2 2 2", which lowers the timeout to 2
seconds for each of the entries in the table.  Within two seconds all of
your connections should be cleared from the table.  To return these
timeouts to their original values, use "ipfwadm -M -s 900 120 300" (I'm
pretty sure these are the correct values).
        "man ipfwadm" talks a little bit more about this.  As you probably
already knew, "netstat -a -M" shows the current masq table entries, and
"netstat -a -M -c" shows them once a second continuously.
        I would guess that sticking the "2 2 2" command in ip-down and the
"900 120 300" in ip-up would give the effect you're looking for, but I'm not
positive.
        Does this get you any closer?
        Cheers,
        - Bill



---------------------------------------------------------------------------
Unix _is_ user friendly.  It's just very selective about who its friends 
are.  And sometimes even best friends have fights.
William Stearns ([EMAIL PROTECTED])
---------------------------------------------------------------------------

