TCP connections are bidirectional, therefore you need to add rules which allow traffic from all back to your workstation, or else use keep-state and check-state to use dynamic rules....
The firewall script already had a rule for that: allow ip from {server} to any
The problem wasn't that the firewall was *stopping* legitimate packets. It was just *slowing them down* like crazy. Very weird.
Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"