Proper Port Forwarding

[Simon]

Hi,

Can someone suggest an alternative/proper way to port forward using ipfw. Right
now I have the following and some bad clients cause too many FIN_WAIT_2 state

fwd IP,PORT2 tcp from any to me dst-port PORT1 keep-state

This easily causes DoS for when too many FIN_WAIT_2 are created and IPFW
stops forwarding using the rule above because of "too many dynamic rules"

Thanks,
Simon