Can you post the rules he is using? Perhaps you'll need something like: pass out quick on xl0 proto tcp from any to any keep state keep frags in his ruleset!
Regards, Ivailo Tanusheff -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nevins, Peter Sent: Tuesday, April 01, 2003 4:01 PM To: '[EMAIL PROTECTED]' Subject: IPFILTER Question Hello. I'm a firewall admin and have run into a question regarding your OS. A client is running IPFILTER and cannot send mail to us here. We're running a Raptor Firewall for NT (yes, NT). He sends a SYN and my system responds with an ACK that is more on the lines of 1 million in length over the expected 1024. His system drops the incoming packet from me thus no email transfer. Having no working knowledge of IPFILTER, I don't know if it's on my end or his. Do you have any previous problems noted where Raptor Firewalls are the common denominator? Thanks for any assistance you can provide in this. I have a TCPDUMP if you would like to see it or know of anyone who could help. Pete _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
