From owner-freebsd-questions@FreeBSD.ORG Thu Apr 3 06:57:04 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A40737B405 for ; Thu, 3 Apr 2003 06:57:04 -0800 (PST) Received: from mail.procreditbank.com (mail.procreditbank.com [212.95.179.198]) by mx1.FreeBSD.org (Postfix) with SMTP id 7895643F75 for ; Thu, 3 Apr 2003 06:57:00 -0800 (PST) (envelope-from i.tanusheff@procreditbank.com) Received: (qmail 27155 invoked from network); 3 Apr 2003 14:56:55 -0000 Received: from unknown (HELO itaush) (172.16.248.250) by proxy.procreditbank.bg with SMTP; 3 Apr 2003 14:56:55 -0000 From: "Ivailo Tanusheff" To: "'Nevins, Peter '" Date: Thu, 3 Apr 2003 17:56:55 +0300 Organization: ProCredit Bank Message-ID: <008001c2f9f1$44d0e2d0$faf810ac@sof.procreditbank.bg> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <10DD0557A6ACAB4F993E055A0393ED562BAA77@MAIL1.littonls.com> Importance: Normal cc: FreeBSD Questions Subject: RE: IPFILTER Question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: I.Tanusheff@procreditbank.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2003 14:57:04 -0000 Can you post the rules he is using? Perhaps you'll need something like: pass out quick on xl0 proto tcp from any to any keep state keep frags in his ruleset! Regards, Ivailo Tanusheff -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Nevins, Peter Sent: Tuesday, April 01, 2003 4:01 PM To: 'freebsd-questions@freebsd.org' Subject: IPFILTER Question Hello. I'm a firewall admin and have run into a question regarding your OS. A client is running IPFILTER and cannot send mail to us here. We're running a Raptor Firewall for NT (yes, NT). He sends a SYN and my system responds with an ACK that is more on the lines of 1 million in length over the expected 1024. His system drops the incoming packet from me thus no email transfer. Having no working knowledge of IPFILTER, I don't know if it's on my end or his. Do you have any previous problems noted where Raptor Firewalls are the common denominator? Thanks for any assistance you can provide in this. I have a TCPDUMP if you would like to see it or know of anyone who could help. Pete _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"