I tried to implement synproxy the other day and found that some of our clients couldn't connect to our http servers.
pass in quick on $ext inet proto tcp \
from any port $safe to $httpdservers port http \
flags S/SA synproxy stateI'm including my http server rules just in case my problem is the has something to do with them.
pass in quick on $ext inet proto tcp \
from any port $safe to $httpdservers port http \
flags S/SA keep state pass out quick on $ext inet proto tcp \
from $httpdservers port http to any port $safe \
flags S/SA keep stateDo I need to change the flags and state declaration to something other than S/SA keep state, should it be SA/SA keep state?
