Date: Thu, 3 Apr 2003 17:56:55 +0300 From: "Ivailo Tanusheff" <i.tanusheff@procreditbank.com> To: "'Nevins, Peter '" <pnevins@LittonLS.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: RE: IPFILTER Question Message-ID: <008001c2f9f1$44d0e2d0$faf810ac@sof.procreditbank.bg> In-Reply-To: <10DD0557A6ACAB4F993E055A0393ED562BAA77@MAIL1.littonls.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Can you post the rules he is using? Perhaps you'll need something like: pass out quick on xl0 proto tcp from any to any keep state keep frags in his ruleset! Regards, Ivailo Tanusheff -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Nevins, Peter Sent: Tuesday, April 01, 2003 4:01 PM To: 'freebsd-questions@freebsd.org' Subject: IPFILTER Question Hello. I'm a firewall admin and have run into a question regarding your OS. A client is running IPFILTER and cannot send mail to us here. We're running a Raptor Firewall for NT (yes, NT). He sends a SYN and my system responds with an ACK that is more on the lines of 1 million in length over the expected 1024. His system drops the incoming packet from me thus no email transfer. Having no working knowledge of IPFILTER, I don't know if it's on my end or his. Do you have any previous problems noted where Raptor Firewalls are the common denominator? Thanks for any assistance you can provide in this. I have a TCPDUMP if you would like to see it or know of anyone who could help. Pete _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?008001c2f9f1$44d0e2d0$faf810ac>