Hello,
There is one strange thing going on with this combination. I saw this
many times by now: when fetch(1) is trying to download something from
http://ftp.gnu.org, it is hanging after a very small amount of data;
sometimes on 0%. After disabling pf(4), fetch(1) is not hanging any
more, so I guess that the problem is somewhere in my pf.conf. Here is
it:
---- pf.conf -- begin ---
ext_if = "em0"
icmp_types="echoreq"
# don't filter on the loopback interface
set skip on lo0
set block-policy return
scrub all no-df random-id reassemble tcp
# setup a default deny policy
block all
# activate spoofing protection for the internal interface.
antispoof quick for lo0 inet
# pass tcp, udp, and icmp out on the external (Internet) interface.
# keep state on udp and icmp and modulate state on tcp.
pass in on $ext_if proto tcp from any to $ext_if port 65522 keep state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto {udp, icmp} all keep state
---- pf.conf -- end ---
Any idea what's wrong here?
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
