[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: again: return-rst port weirdness (3.4.17 solaris7/sparc)
From:       grant () grunta ! com
Date:       2001-04-26 4:33:03
[Download RAW message or body]

On Thu, Apr 26, 2001 at 11:14:39AM +0800, Larry Moore wrote:

> Include a rule in /etc/opt/ipf/ipf.conf like this one to allow return-rst
> back out.
> 
> pass out on le1 proto tcp from any to any flags RA

Ah. Sorry if it wasn't clear this time around, but it's not that
RST packets get blocked, they get mangled by NAT.

(see my original post last week)

	http://www.false.net/ipfilter/2001_04/0261.html

g.

[prev in list] [next in list] [prev in thread] [next in thread]