From owner-freebsd-ipfw@FreeBSD.ORG Wed Jul 2 09:52:17 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 05D3E37B401 for ; Wed, 2 Jul 2003 09:52:17 -0700 (PDT) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 755A943F85 for ; Wed, 2 Jul 2003 09:52:16 -0700 (PDT) (envelope-from dphiffer@hmc.edu) Received: from odin.ac.hmc.edu (IDENT:dphiffer@odin.ac.hmc.edu [134.173.32.75]) by odin.ac.hmc.edu (8.12.9/8.12.3) with ESMTP id h62GqDq8031630 for ; Wed, 2 Jul 2003 09:52:13 -0700 Date: Wed, 2 Jul 2003 09:52:13 -0700 (PDT) From: Dan Phiffer X-X-Sender: To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu Subject: Stateful inspection X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2003 16:52:17 -0000 Hello, I'm having some difficulty getting ipfw to work properly. I've been messing with various incarnations of stateful packet inspection, but I've found that SSH and FTP sessions tend to get off and long HTTP downloads get interrupted. I read somewhere online that an otherwise stateless firewall configuration becomes stateful when coupled with natd. To what extent is this true? Also, what is the deal with ipfw2? I'm running 4.8-STABLE - does this mean I'm using ipfw or ipfw2? Thanks for any help, -Dan .: ICQ 22573428 .:. AIM DanAtMudd .:. http://phiffer.com :.