----- Original Message -----
From: "Trevor Osatchuk" <[EMAIL PROTECTED]>
To: "Larry Moore" <[EMAIL PROTECTED]>
Cc: <[email protected]>
Sent: Saturday, June 10, 2006 12:02 AM
Subject: Re: Problems with Azureus
Larry, I tired all of your suggestions one at a time and all the
iterations to see what difference they made. the only one that made
the difference was adding keep state on the pass in/out on rl0, my
internal interface. I thought that keep state was the way ipf kept
track of 'established' connections. If a session was started on a
particular port, or in this case an interface, once it was allowed
through keep state would then let the session continue with no further
checking. Why would it matter if I had keep state on rl0 since I am
passing everything be default? It certainly had made a difference,
but why?
I suspect it's to do with the compiled in default operation of "block all".
Not seeing the results of ipfstat -iohn would lead to guessing though
perhaps you used this command before and after making keep-state rules on
rl0 and observed the changes.
Cheers,
Larry.
