That line doesn't seem to cause problems with microsoft.com for me. I poked around on a few of their pages with no issues. Adding "max-mss 1440" does not help with the web sites I do have problems with, however.
I think 4.6 has this same syntax as you are used to, but -current, which I'm using, changes to putting those options in match rules. Anyway, removing "reassemble tcp" resolves the issues. Thanks for all the responses. Corey >> match in all scrub (reassemble tcp no-df random-id) >just a question. with the above line enabled do sites like >www.microsoft.com break? > >I had a client last week complain that microsoft.com was broken(among others) >here is what I had to do in pf.conf in FreeBSD 8.0RC2 > >scrub all reassemble tcp max-mss 1452 > >after that microsoft.com started working again. > >I know that OpenBSD 4.6 changed the syntax a bit so I am not sure what >it would have to be now. > >Sam Fourman Jr.
