> >>I wrote some days ago about a problem we have with connections from > >>certain networks (usually ADSL) being suddenly terminated after anything > >>from a few seconds to several minutes. > > > >Check you use 'flags S/SA keep state' apart from anything that > >explicitly must be stateless (only likely if you have PF on multiple > >boxes with asymmetric routing). > > I don't use flags anywhere in my keep state rules... Are you saying that I > should use those flags everywhere
Yes, use them everywhere.
