[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Public web server behind a PF bridge, crap clients

On Fri, Dec 06, 2002 at 04:10:54PM -0800, Stephen Gutknecht (OBSD-PF) wrote:
> Are the default timeout values documented somewhere.  If not, you post them.
> The man pages for pf.conf show how to set them, but doesn't seem to indicate
> the defaults.
The active timeout settings are printed with 'pfctl -st', which are the
defaults, if you haven't changed them yet.
> On similar note:  does "set optimization" influence the timeouts, or is it
> merely relaxing the state matching tolerance?
It only influences timeouts, the 'optimizations' are just five sets of
default values for the timeouts, nothing more.