On Sat, Dec 02, 2006, Axel Rau wrote: > my imaps links sometimes get stuck and performance suffers.
[...]
> pass in on $green_if inet proto tcp from <intra_nets> to
> <bastion_mail_hosts> \
> port { smtp, imaps } tag GREEN_DMZ $tcp_options
Either keep state the incoming packet (along with "flags S/SA") or do
not keep state at all in the second rule.
> and exit like
> pass out quick on $dmz_if tagged GREEN_DMZ keep state
--
Unix stuff :: http://tehran.lain.pl
Yet Another RBL :: http://rbl.lain.pl
