On Wed, Jun 13, 2018 at 10:16 AM, Jeff Kletsky <[email protected]> wrote:
When a T-Mobile "femto-cell" is trying to establish its IPv4, IPSEC tunnel > to the T-Mobile provisioning servers, the reassembled, 4640-byte return > packet is silently dropped by the in-kernel NAT, even though it "matches" > the outbound packet from less than 100 ms prior. Do you have a 'reass' rule before applying nat on inbound traffic? - M -- "Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent person requires only two thousand five hundred." - The Mahābhārata _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[email protected]"
