| To: | Christian Karpp <xn@heidelbg.ibm.com> |
|---|---|
| Subject: | Re: NAT and age |
| From: | Darren Reed <darrenr@reed.wattle.id.au> |
| Date: | Sat, 23 Dec 2006 23:12:37 +1100 |
| Cc: | ipfilter@coombs.anu.edu.au |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | ipfilter-list@securepoint.com |
| In-reply-to: | <458CDE79.3090700@heidelbg.ibm.com> |
| References: | <458BD3E1.7070601@heidelbg.ibm.com> <458BE04B.8010004@reed.wattle.id.au> <458BE9EC.1060903@heidelbg.ibm.com> <458C04D5.60905@reed.wattle.id.au> <458CDE79.3090700@heidelbg.ibm.com> |
| Reply-to: | darrenr@reed.wattle.id.au |
| Sender: | owner-ipfilter@coombs.anu.edu.au |
| User-agent: | Thunderbird 1.5.0.5 (Windows/20060719) |
Christian Karpp wrote: > Darren Reed wrote: > > > ahh, try "ipfstat | grep Ticks"... > > OK, now I can see that the counter does not increase. > It's always "IPF Ticks: 0" > > However, I don't see the link yet between IPF ticks in ipfilters and > the age counter in ipnat. Do ipfilters have to run (e.g. with at least > a "pass all") in order to make ipnat work? This means that whoever did the port of IPFilter to AIX didn't get the timeout function working. This means that none of the NAT or state table entries will ever expire. At some point it would probably help if someone at IBM could send me a box to run AIX on if IBM expects me to answer more questions on IPFilter running there. Darren |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: NAT and age, Christian Karpp |
|---|---|
| Next by Date: | Re: NAT and age, Christian Karpp |
| Previous by Thread: | Re: NAT and age, Christian Karpp |
| Next by Thread: | Re: NAT and age, Christian Karpp |
| Indexes: | [Date] [Thread] [Top] [All Lists] |