On Tue, May 18, 2010 at 9:37 AM, Harry Penner <hpenner at gmail.com> wrote: > > It automatically kills TCP connections that last longer than 5 minutes? > That's crazy! > > Why does it do that? To protect against SYN scans overloading the server or > something similar? More likely because the device has a woefully inadequate amount of RAM, and it's trying to avoid resource starvation. Personally, I switched from DD-WRT to PFsense running on a PCEngines alix board a year and a half ago and haven't looked back. PFSense is FreeBSD-based, and in my opinion is a much better routing/firewall platform than DD-WRT, both in terms of stability and feature set. Check it out if you have a few spare cycles! -Erik