Date: Thu, 03 Mar 2005 13:38:38 -0600 From: Paul Schmehl <pauls@utdallas.edu> To: FreeBSD questions <freebsd-questions@freebsd.org> Subject: Re: ipfw lost its mind? Message-ID: <E879B29E7D463AD4CA8D4543@utd49554.utdallas.edu> In-Reply-To: <42275BF0.1060005@mac.com> References: <302EDA302808644CF37C11E5@utd49554.utdallas.edu> <42275BF0.1060005@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--On Thursday, March 03, 2005 01:48:16 PM -0500 Chuck Swiger
<cswiger@mac.com> wrote:
>
> TCP connections are bidirectional, therefore you need to add rules which
> allow traffic from all back to your workstation, or else use keep-state
> and check-state to use dynamic rules....
The firewall script already had a rule for that:
allow ip from {server} to any
The problem wasn't that the firewall was *stopping* legitimate packets. It
was just *slowing them down* like crazy. Very weird.
Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E879B29E7D463AD4CA8D4543>