Set net.inet.tcp.rfc1323=0 in /etc/sysctl.conf and that should resolve the issue. We've been testing in house with OpenBSD for Vista (we have 700+/- systems in the field) and this seems to resolve the issue.
Regards, Mike Lockhart =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Mike Lockhart [Systems Engineering & Operations] StayOnline, Inc http://www.stayonline.net/ mailto: [EMAIL PROTECTED] GPG: 8714 6F73 3FC8 E0A4 0663 3AFF 9F5C 888D 0767 1550 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stuart Henderson Sent: Tuesday, November 28, 2006 5:46 PM To: Reverend Deuce Cc: misc@openbsd.org Subject: Re: Baffling problem with OBSD-protected servers and Windows Vista... On 2006/11/28 14:32, Reverend Deuce wrote: > Okay guys, I posted that long message about Firefox/etc on Windows > Vista a couple of days ago. this would be easier if you just posted pf.conf rather than non-linear snippets; however.. > a) there is a default block policy I didn't notice you posting anything showing a default block for outgoing packets, check this and if not, add one. > block in log from any to any label "DefaultBlock" > block in log on { $ext_if } all label "DefaultBlock" > block return-rst in log on { $ext_if } proto tcp all label "DefaultBlock" > block return-icmp in log on { $ext_if } proto udp all label "DefaultBlock" fwiw, you can simplify these if you like: 'block return in log on { $ext_if } label "DefaultBlock"' > I have heard it said that it makes no sense to filter on two > interfaces, best to pass on one and block on the other. that advice is usually given in relation to filtering bridges.
