Sockets stuck in FIN_WAIT_1
Robert Blayzor
rblayzor.bulk at inoc.net
Fri May 30 09:32:04 UTC 2008
On May 30, 2008, at 4:41 AM, Ian Smith wrote:
> Without debating your stateful alternative - either should work fine
> for
> TCP applications - this allowed inbound icmp packets for types
> 0,3,8,11
> but no outbound icmp at all (assuming your firewall defaults to deny).
I didn't post all the rules, just the TCP based ones for the web
server. I don't have an outbound send restriction. I believe I have a:
permit ip from me to any out
In there somewhere! ;-)
--
Robert Blayzor, BOFH
INOC, LLC
rblayzor at inoc.net
http://www.inoc.net/~rblayzor/
More information about the freebsd-stable
mailing list