Cyrill Rüttimann wrote:
The state of the SIP-Connection remains active in the state table after
changing the IP, why?
The state is not expiring immediately.
If I then delete the state, the SIP-Phone registers immediately with the
SIP-Proxy.
Try 'set optimization aggressive' which removes state
Tucker Bradford wrote:
I'm experiencing a very annoying session timeout issue. Its most often
noticed when sshing to a host behind the firewall from off site. It
doesn't seem to happen when the connection is initiated from another
internal network, but that could be due to some bi-directional
Being I cannot get ftp-proxy to work for active connections.
I thought (hopefully for a short time to write rules to allow
just those clients to use ftp to just those servers where
I had problems. So I wrote up
rdr pass proto tcp from Clients to $Server1 port ftp - $Server1
port ftp
rdr
That doesn't work. The way I interpret the results of the previous
series of tests, we don't actually have a session timeout at all. There
is something else going on here, but I don't know what it is. It might
be a fragmentation timeout. I am stumped. Anyway, I tried the
ClientAliveInterval
Hi, I have a question about filtering and how it relates to NAT.
Specifically, I'm wondering how to filter outbound traffic from a specific
NATed host to a specific remote host. From reading the faq and a few other
documents I've learned (among other things) that filtering is done after NAT.
I
One other thing that might be helpful, my mtu is 1485.
-=Tucker
Damien Miller wrote:
Tucker Bradford wrote:
I'm experiencing a very annoying session timeout issue. Its most
often noticed when sshing to a host behind the firewall from off
site. It doesn't seem to happen when the connection is
On Mon, 2005-02-07 at 09:48:38 -0800, [EMAIL PROTECTED] proclaimed...
There's a Firewall/NAT router F, Local machines L and M, and a remote host R.
Block on the interface that is closer to Machine L; So how about:
machine_l=10.13.13.1
machine_r=172.18.43.165
block in quick on
Hi there.
I tried all the ftp-proxy versions and all the possible options in
inetd.conf. ftp-proxy and PF Doesn't not work with Restrict FTP
clients in Active mode.
please if someone has a options to make restricted FTP clients behind
NAT with pf please let me know.
Thanks
Marcos Biscaysaqu
Hi,
Try 'set optimization aggressive' which removes state entries quicker.
That does not resolve the problem. I investigated some more effort:
The SIP-Phone sends every 25s (default) a keep alive message to the SIP-Proxy
to remain the state on the NAT'ed Firewall. So I have to lower the
Hi!
I have the following network topology:
[ LAN ] [ OBSD f/w ] - DSL - [ Internet ]
|
\- [ DMZ ]
In the DMZ I have a proxy (squid) configured and running properly on
port 3128. I want to make this proxy
10 matches
Mail list logo