From mboxrd@z Thu Jan 1 00:00:00 1970 From: Antony Stone Subject: Re: SSH Connections Lost After 1 minute idle Date: Tue, 13 Jul 2004 23:58:26 +0100 Sender: netfilter-admin@lists.netfilter.org Message-ID: <200407132358.26419.Antony@Soft-Solutions.co.uk> References: <7EACCDBB65D37443912D80713CC1245D02382A35@fsnsab20.losangeles.af.mil> Reply-To: netfilter@lists.netfilter.org Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Return-path: In-Reply-To: <7EACCDBB65D37443912D80713CC1245D02382A35@fsnsab20.losangeles.af.mil> Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: netfilter@lists.netfilter.org On Tuesday 13 July 2004 11:28 pm, Hudson Delbert J Contr 61 CS/SCBN wrote: > dick, > > i beg to differ. > > i must concur strongly with antony. > > if you cripple icmp, your networks will break... Maybe not immediately :) Maybe only when something else start to go awry...? Antony. PS: Did you ever expand on your reasons for saying "do not i repeat...do not allow inbound ntp with a source port above the root ports"? Several people here (including myself) were interested to know more about this... -- Programming is a Dark Art, and it will always be. The programmer is fighting against the two most destructive forces in the universe: entropy and human stupidity. They're not things you can always overcome with a "methodology" or on a schedule. - Damian Conway, Perl God Please reply to the list; please don't CC me.