This seems like a VPN is the right solution.

On 11/8/2022 5:46 PM, Vieri Di Paola wrote:
Hi,

There are hosts in my LAN behind a Shorewall FW that need to keep
Oracle connections alive (tcp 1521) with other hosts that are behind a
remote Fortinet Fortiguard FW.

The Fortinet admin has set the following in his FW:

            set protocol 6
            set timeout 28800
            set start-port 1521
            set end-port 1521

I don't know how to translate "set timeout 28800" to
Shorewall/iptables on Linux.

I've searched for timeouts and keepalives at OS level with sysctl such as:

net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_time = 7200

but I believe that wouldn't necessarily apply here in the case of a
Shorewall router, or would it?

Also, I don't want to change any global OS settings, but I'd rather
stick to just tcp 1521.

I didn't see anything in shorewall about keepalives or connection
timeouts except rate limiting in the rules file and TTL in the mangle
file.

Nothing that seems to apply to the topic at hand.

Any suggestions?


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

-- 
Robert K Coffman Jr.
Info From Data Corp.
3307249000
supp...@infofromdata.com