> Is there a commonly known cause of *return* TCP/IP traffic
> to reach but be dropped rather than passed back across a
> bridge (ala bridgename.bridge0) but... get this... only on
> the first try?

if this is a long-lived TCP connection, perhaps firewall states have timed out. if so, adjusting timers may help, either for certain rules, or use the 'set optimization' shortcuts (these set up default values for tcp.first, tcp.opening etc - src/sbin/pfctl/pfctl.c shows that aggressive sets tcp.established to 5h, normal 24h, conservative 5d). without the 3 page email it's guesswork though.

> I'd like to get into a detailed explanation of the network
> topology I'm working with here but I don't want to scare off
> anyone by opening with a 3 page email.

people can always skip the email. most people who will be able to help would prefer to have the information in one place rather than back-and-forth to find it out. in most cases, actual configs and output from system commands work better than descriptions. note that the process of gathering all the relevant information for a good list post will often highlight the actual problem :-)
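As an added illustration of the timer adjustments the reply suggests (this fragment is not from the thread; the interface name, the database host/port and the rule set are placeholders), here is a pf.conf excerpt showing a deliberately short tcp.established timeout next to the three ways of loosening it: the 'set optimization' shortcut, an explicit global 'set timeout', and a per-rule state option that leaves the global defaults alone.

```pf
# Added example, not from the original post. Interface, host and port
# are placeholders chosen for illustration.
ext_if = "em0"
dbsrv  = "192.0.2.10"

# Problem case (commented out): with tcp.established this low, the state
# for an idle but still-open connection is gone after 10 minutes. The
# next segment of the *return* traffic then arrives with no matching
# state and hits the block rule below; a reconnect creates a fresh state
# and works, which is what "only on the first try" looks like.
# set timeout tcp.established 600

# Fix 1: the shortcut. 'conservative' raises tcp.established to 5 days
# (and adjusts the other tcp.* timers); 'normal' is 24h, 'aggressive' 5h.
set optimization conservative

# Fix 2: an explicit global value. Timeouts set explicitly take
# precedence over the values the optimization hint would supply.
set timeout tcp.established 86400

block log all

# Fix 3: per rule. The state options on the pass rule apply only to
# states created by that rule, so the long-lived sessions to $dbsrv
# get a 2-day idle timeout while everything else keeps the defaults.
pass in on $ext_if proto tcp to $dbsrv port 5432 \
    keep state (tcp.established 172800)
pass out on $ext_if keep state
```

To check which theory applies before changing anything: `pfctl -s timeouts` prints the timers actually in effect, `pfctl -vvs state` shows each state's age and remaining expiry so you can see whether the problem connection's state outlives the idle gap, and `tcpdump -n -e -ttt -i pflog0` shows the return packets that hit `block log` with no state to match.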