On 2/21/07, José Pablo Fernández <[EMAIL PROTECTED]> wrote:
I have a FreeBSD 6.2 acting as router between two LANs and the internet. I am
using PF on it for filtering and I am allowing all the traffic to pass by
between the two LANs:
pass from $lan0:network to $lan1:network keep state
pass from $lan1:network to $lan0:network keep state
My problem is that when I copy a file from one network to the other, the first
128KB seems to be copied instantaneously, the second 128KB take more than two
minutes and I've seen the third 128KB being copied very rarely. This is using
If I copy the file to the router and from the router to the other computer, it
just works. And it seems people copying files with SMB (Window's protocol)
have found the same problem.
Any ideas what might be going on?
For keeping state on TCP connections you should only create state on
the first packet of the 3 way TCP handshake. Using "flags S/SA" will
ensure this. This will prevent problems with TCP windows scaling..
For a more detailed explanation and some suggestions see the 3 part
series about the pf firewall starting at
BTW The author of these 3 articles is Daniel Hartmeier, principal
developer of pf. ;)
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"