You're going to have to turn off 'modulate tcp'. One of the TCP endpoints isn't following PAWs and stopped sending the TCP Timestamps or someone is trying to blind hijack the connection.
> More info - I ran a test scenario. > Here is a sample of the messages I get via syslog with set debug loud > and scrub with reassemble tcp trying to run OS X's "Software Update". > > Jul 19 19:42:37 obsd38 /bsd: pf_normalize_tcp_stateful: Did not receive > expected RFC1323 timestamp > Jul 19 19:42:37 obsd38 /bsd: TCP 192.168.1.14:65108 192.168.1.14:65108 > 17.250.248.95:80 [lo=4276925920 high=4276942304 win=65535 modulator=0 > wscale=0] [lo=708430922 high=708496457 win=16384 modulator=0 wscale=0] 9:4 A > > -Dan
