Date: Tue, 18 Apr 2006 12:56:34 -0400 From: "Scott Nolde" <scott.nolde@gmail.com> To: freebsd-pf@freebsd.org Subject: FreeBSD 6.1-RC and pf dropping NAT packets to Windows 98 computers? Message-ID: <34041e6e0604180956x47e88f51ib43f1661cdb9778d@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Greetings, I've recently upgraded my firewall from 5.4 to FreeBSD 6.1-RC #2: Wed Apr 12 13:40:41 EDT 2006. I use pf as the packet filtering software and it has worked well for my home network up until this point. In my home network, I have a mixed environment of devices and operating systems which includes a windows 98 host my wife uses. This windows 98 computer can no longer netsurf or check email through the new pf firewall. I make no special allowances for hosts on this network, other than it has a corresponding nat setup and a pass rule for the local lan traffic. I believe the problem to be a scrub setting where "scrub in all" isn't sufficient. I can't get too technical, but when the win98 host begins an http session or POP session (to an offsite server), the initial state is created and some data is exchanged. However, the session doesn't continue. For a web browser, little is seen other than the website's header at the top of the browser. For a pop session the user/pass exchange is made, but any download never completes. I can use telnet and connect to the pop server and run simple checks like top and stat and the single state connection works just fine. Does anyone have any suggestions for a scrub rule to try which might address and accept packets from the win98 host? - smn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?34041e6e0604180956x47e88f51ib43f1661cdb9778d>