Jim Hague wrote:
> I've only had a quick look at your filter file, so I may have missed something,
> but I think the problem is as follows. Samples from my filter file.
>
> First,
>
> # Once the link is no longer live, we try to shut down the connection
> # quickly.
> keepup tcp 5 !tcp.live
> ignore tcp !tcp.live
>
> is a general rule saying that when a TCP connection closes the link should only
> stay up for a further 5 seconds.
>
> Now, check the http rule:
>
> ignore tcp !tcp.live,tcp.dest=tcp.www
> ignore tcp !tcp.live,tcp.source=tcp.www
> accept tcp 240 tcp.dest=tcp.www
> accept tcp 240 tcp.source=tcp.www
>
In fact, the first two lines didn't exist in my filter file -- if they had, I'd
have understood the behavior. Instead, the http rule was *above* the live link
rule, which I didn't notice.
I moved my POP and SMTP rules to *above* the link rule, and it works as
advertised.
Problem solved...
Thanks.
--
Dan Berger [[EMAIL PROTECTED]]
http://www.ix.netcom.com/~dberger
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
