diff options
-rw-r--r-- | usr.sbin/relayd/pfe_filter.c | 6 | ||||
-rw-r--r-- | usr.sbin/relayd/relayd.conf.5 | 7 |
2 files changed, 6 insertions, 7 deletions
diff --git a/usr.sbin/relayd/pfe_filter.c b/usr.sbin/relayd/pfe_filter.c index 82e8f32e963..f9fb944834c 100644 --- a/usr.sbin/relayd/pfe_filter.c +++ b/usr.sbin/relayd/pfe_filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfe_filter.c,v 1.28 2008/06/10 22:02:28 reyk Exp $ */ +/* $OpenBSD: pfe_filter.c,v 1.29 2008/06/10 23:12:36 reyk Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -366,10 +366,10 @@ sync_ruleset(struct relayd *env, struct rdr *rdr, int enable) /* Use sloppy state handling for half connections */ rio.rule.keep_state = PF_STATE_NORMAL; rio.rule.rule_flag = PFRULE_STATESLOPPY; - rio.rule.timeout[PFTM_TCP_CLOSING] = - rdr->conf.timeout.tv_sec; } + rio.rule.timeout[PFTM_TCP_ESTABLISHED] = + rdr->conf.timeout.tv_sec; rio.ticket = env->sc_pf->pfte[rs].ticket; if (ioctl(env->sc_pf->dev, DIOCBEGINADDRS, &pio) == -1) fatal("sync_ruleset: cannot initialise address pool"); diff --git a/usr.sbin/relayd/relayd.conf.5 b/usr.sbin/relayd/relayd.conf.5 index 81aaf12833c..ec8837c1645 100644 --- a/usr.sbin/relayd/relayd.conf.5 +++ b/usr.sbin/relayd/relayd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: relayd.conf.5,v 1.85 2008/06/10 22:02:28 reyk Exp $ +.\" $OpenBSD: relayd.conf.5,v 1.86 2008/06/10 23:12:36 reyk Exp $ .\" .\" Copyright (c) 2006, 2007 Reyk Floeter <reyk@openbsd.org> .\" Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -439,8 +439,7 @@ Note that the hosts have to accept sessions for the same address as the gateway, this is typically done by configuring a loopback interface on the host with this address. .It Ic session timeout Ar seconds -Specify the timeout after closing in seconds for routed session -states. +Specify the inactivity timeout in seconds for established redirections. The default timeout is 600 seconds (10 minutes). .It Ic sticky-address This has the same effect as specifying sticky-address @@ -551,7 +550,7 @@ see the .Sx PROTOCOLS section below. .It Ic session timeout Ar seconds -Specify the timeout in seconds for accepted sessions. +Specify the inactivity timeout in seconds for accepted sessions. The default timeout is 600 seconds (10 minutes). .El .Sh PROTOCOLS |