Andre Oppermann schrieb am 03.02.2008 10:26:
85.214.42.62 is the other MTA, 172.16.0.2 is my jail.
I use PF with rdr/nat on FreeBSD 7 RC4.
We have not released 7RC4 yet. You probably run BETA4. An upgrade to
7RC1 or 7RC2 in the next few days fixes all known TCP bugs.
Yeah of course, I mean BETA4. uname says: 7.0-PRERELEASE
Which tag is the best?
currently I use release=cvs tag=RELENG_7. Will I get with this 7RC..?
Other than that it looks like your PF rule set may be not entirely
correct. Please post your pf.conf.
expect the filter-rules this is the top of my pf.conf
<some macros>
set timeout { interval 30, frag 10 }
set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 }
set timeout { tcp.closing 900, tcp.finwait 45, tcp.closed 90 }
set timeout { udp.first 60, udp.single 30, udp.multiple 60 }
set timeout { icmp.first 20, icmp.error 10 }
set timeout { other.first 60, other.single 30, other.multiple 60 }
# Normalisierung
#scrub in all
set optimization normal
set block-policy return
....
Oskar
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
