IPFILTER Question
Ivailo Tanusheff
i.tanusheff at procreditbank.com
Thu Apr 3 06:57:04 PST 2003
Can you post the rules he is using?
Perhaps you'll need something like:
pass out quick on xl0 proto tcp from any to any keep state keep
frags
in his ruleset!
Regards,
Ivailo Tanusheff
-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Nevins, Peter
Sent: Tuesday, April 01, 2003 4:01 PM
To: 'freebsd-questions at freebsd.org'
Subject: IPFILTER Question
Hello. I'm a firewall admin and have run into a question regarding your
OS.
A client is running IPFILTER and cannot send mail to us here. We're
running
a Raptor Firewall for NT (yes, NT). He sends a SYN and my system
responds
with an ACK that is more on the lines of 1 million in length over the
expected 1024. His system drops the incoming packet from me thus no
email
transfer. Having no working knowledge of IPFILTER, I don't know if it's
on
my end or his. Do you have any previous problems noted where Raptor
Firewalls are the common denominator?
Thanks for any assistance you can provide in this. I have a TCPDUMP if
you
would like to see it or know of anyone who could help.
Pete
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list