well - no problems here, just curious again :- (so I do not necessarily expect an answer, maybe just yes or no)

a customer firewall is sending me logfiles when the log buffer is filled; sometimes this happens:

The Sender log:
Peer TCP state out of order, sent TCP RST: TCP

pf logs (Receiver, rule 0 block all):
Nov 09 18:47:33.715049 rule 0/0(match): block out on ti0: 19.61.78.2.25 > 217.237.82.114.2313: FP 0:9(9) ack 1 win 16384 (DF)

after reading through rfc1693 and shortly glancing into other papers, I suggest that ACK is blocked by pf - since this tcp extension is an inherent security risk? - or is there any technical reason such as the congestion window size?

regards
i.t

--
Irmund Thum
thum.ath.cx
