Hi Marshall Well I've already determined that this will fix the issues. The problem is indeed with our firewall and it cannot be changed due to our security policy. Thus, I created a script that continually pings every 30 seconds and that keeps the logons alive. So, if I can get the firewall to do it's own version of "ping" using "keep state" then it will take affect for all tcp connections to the server. Since I know that this will fix all of our disconnection issues, and it appears to be a very easy fix, then I'm going to go ahead and get it completed. However, I don't know how to properly use "keep state" with my firewall. Any ideas on this? I just don't know much about Ipfilter and the proper syntax. Thank you again for your help. Anne -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of McDougall, Marshall (FSH) Sent: Tuesday, December 04, 2007 11:54 AM To: General Red Hat Linux discussion list Subject: RE: red hat firewall question >-----Original Message----- >From: redhat-list-bounces@xxxxxxxxxx >[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Anne Moore >Sent: Tuesday, December 04, 2007 10:28 AM >To: 'General Red Hat Linux discussion list' >Subject: red hat firewall question > >Hi All > >I figured out a way, I think, to keep my connections alive while my >users are connected to my Red Hat Enterprise 4 servers. > >I thought I would create a firewall rule (or something like >that) that keeps >tcp alive (keep-state?). > >Something like this: > >"allow tcp from any to any keep-state" > >What do you all think? Is this the correct syntax to use to keep tcp >connections alive? or is there a better way? > >Thank you again for your help. > >Anne Anne. I think you see the symptom, but you don't yet understand your problem, and are hoping that this will solve it. I would be looking at the overall network config, because with a properly configured server there is no reason for your it to be dumping connections after 1 minute. Regards, Marshall -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
