On 2006/11/28 18:07, Michael Lockhart wrote: > Set net.inet.tcp.rfc1323=0 in /etc/sysctl.conf and that should resolve > the issue.
that's not a fix though, it just avoids the conditions which cause the problem to occur. better to ensure the ruleset is completely sane. if so, then test cases need to be found to isolate the problem. if anyone wants an example of wonderful source code commenting, the pf_norm.c sections relating to rfc1323 are particularly good.
