Darren, If I change my port 25 rule from:
pass in quick proto tcp from any to 137.146.28.72 port = 25 flags S keep state keep frags pass out quick proto tcp from 137.146.28.72 to any port = 25 flags S keep state keep frags
to: pass in quick proto tcp from any to 137.146.28.72 port = 25 pass out quick proto tcp from 137.146.28.72 to any port = 25 Then all/most of my email traffic halts. I am using Sun multipathing, and there is some kind of interaction between ipfilter, keep state, and the two interfaces (one of which should be silent, but isn't). I had similar issues with my webmail servers, a person in Australia, and a VPN connection from there. In that case, the problem was fixed by adding "flags S keep state" to my port 80/443 ipfilter lines. Still puzzling over my rules... Jeff Earickson Colby College On Mon, 5 Mar 2007, Darren Reed wrote:
Date: Mon, 05 Mar 2007 23:04:30 -0800 From: Darren Reed <[EMAIL PROTECTED]> To: Jeff A. Earickson <[EMAIL PROTECTED]> Cc: [email protected] Subject: Re: insight on S10 ipfilter patch 125014-02? Jeff, if you use stateless filtering for por 25, does that solve your problem? darren
