On Sat, Feb 08, 2003 at 09:59:23PM -0300, Alejandro G. Belluscio wrote: > That only happens if those packets don't belong to any state. Else
yep. > state packets don't go throu rule evaluation. So it's perfect to only > allow S/SA (I do S/SAFRUP, but let's not get into flame wars :-). The never said it wasn't. :P > have the form of a TCP CLOSE sequence (actually they are repeats of > the last step) I guess that connection has timed out. So since they i've seen this before from the ftp site i get my weather from. i just use this rule nowadays: block in quick on $ext_if proto tcp all flags /S - jolan
