Ok, got it. Prior to submitting my ruleset in my last post I removed one key
line that I did
not think could have any influence:
block return in log on $EXT proto { udp, tcp } all
Yesss doggy... this creates a very misleading result when viewing traffic with
tcpdump.
For those who may get tripped up by this, I *am* responding but the response
consists of
sending a RST flag to close the TCP connection immediately instead of allowing
it to time out.
______________________________________________________________________
Post your free ad now! http://personals.yahoo.ca
