set skip on lo set block-policy drop
set timeout tcp.finwait 900
set timeout tcp.closing 900
(There also an adaptive setting based on load)
Your client, if its really a mac, may have a sysctl like
...net.inet.tcp.finwait2_timeout: 60000
... net.inet.tcp.finwait2_timeout: FIN-WAIT2 timeout
Or something similar ~BAS
