-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello, I have been seeing these entries in my IPFilter log on my SMTP relay. 28/10/2002 00:04:02.003897 hme0 @0:17 b 12.9.224.52,25 -> 63.208.138.168,32898 PR tcp len 20 48 -A IN So what is happening here is that my SMTP relay, 63.208.138.168, is opening a connection to 12.9.224.52 on port 25 and the response is being blocked. I get about 3000 of these a day and they are only from 1 or 2 hosts which leads me to believe that it isn't the state table filling up. I do have this rule for allowing outbound connections. pass out quick on hme0 proto tcp from 63.208.138.168/32 to any keep state The weird part is if I flush the filter rules and reload them connecting to this host still fails but if I flush the rules, telnet to this host on port 25, and then reload the filter rules it seems to fix it and I can continue to connect to this host. There are only about 300-350 entries in the state table and the server runs Solaris 8 sparc. Any thoughts? - -Dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (SunOS) iD8DBQE9vbZxu3B/p4jCw/IRAkjGAJ9f+dzqwl/Ab4DnY4YdDPC+2oxaLQCgiEXV oLEMZzoYO+vSBtx64jfndZI= =3wAJ -----END PGP SIGNATURE-----
