Keeping state on the outgoing connections worked like a charm. I also took your advice and removed quick from my SSH rule (don't recall why I had it there in the first place). Thanks to everyone for their help.
On Tue, Dec 2, 2008 at 3:11 AM, Martin Toft <[EMAIL PROTECTED]> wrote: > You have nothing that creates states for connections being made in the > outgoing direction. I am not completely certain, but something like > "pass out" before other filtering rules should make your day :-) > > It would also be cleaner if you deleted "quick" from the ssh rule and > moved it down to the domain and smtp rules... IMHO. > > Just remember that filtering is "last matching rule wins", and you will > rarely need the quick keyword. > > Martin
