Hi, It appears that IPFW drops dynamic (state-keeping) rules for idle IPv6 TCP connections after a short (60 seconds by default) timeout. This of course creates problems for services like SSH and NFS. I've contacted Luigi Rizzo about it but he cannot help with the IPv6 part of the ipfw. His guess is that the part that should send keepalive ACK packets like ipfw does for IPv4 is broken or nonexistent for IPv6.
Any takers? Should I file a PR?
signature.asc
Description: OpenPGP digital signature
