> > > pass all flags S/SA > > > pass in on pppoe0 inet proto tcp from <src> to <dst> port = 5555 flags > > > S/SA synproxy state > > >
Originally you posted pass in quick. Keep the quick in there, not for any reason other than I have a quick in my rules. Same with the NIC, I don't have any logical hopes for you. > > > This is the only rule. Otherwise it's just 'pass all'. If I remove this > > > rule too *or* change synproxy to keep, the connection is working. > > > > > > > I remember being puzzled by that myself. I thought I had got it working > > but I'm struggling to be sure now whether I got it working or switched > > synproxy off on that machine, sorry. > > > > > I can reproduce this on two different machines, with different ISPs and > > > different NICs facing the ISPs using pppoe. > > > > Is it possible or have you tried the NIC that it works on in pppoe mode. > > I could try it, but the two machines have two different types of NICs > (re and em) using pppoe. It would be a really weird bug in both re and > em if these drivers were to act up with pppoe and not with eg. vge > (which is the other card in one of the machines with which I'll try this > variation tomorrow). -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) _______________________________________________________________________
