[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
set timeout and TTL
About pf.conf man page...
interval Interval between purging expired states and fragments.
frag Seconds before an unassembled fragment is expired.
When a packet matches a stateful connection, the seconds to live
for the connection will be updated to that of the proto.modifier
which corresponds to the connection state. Each packet which
matches this state will reset the TTL (*). Tuning these values may
improve the performance of the firewall at the risk of dropping valid
What does * means ?