Hi. I am using ipfilter for mail server, but I got little problem because of it's performance. If I send a email it's look like very slow, I was read FAQ and I also add :
block return-rst in quick on ppp0 proto tcp from any to any port = 113 but it's still slow, here is complate rules in ipf.conf : block in log quick all with short block in log quick all with opt lsrr block in log quick all with opt ssrr pass in on lo0 all pass out on lo0 all block in log on eri0 all block out log on eri01 all #block return-rst in quick on eri0 proto tcp from any to any port = 113 #return-rst for ident block return-rst in quick on eri0 proto tcp from any to any port = 113 pass out quick on eri0 proto tcp from any port = 113 to any flags R/RSFUP #pass in quick on lo0 all #pass out quick on lo0 all pass in quick on eri0 proto tcp from any to any port = smtp flags S keep state keep frags pass out quick on eri0 proto tcp from any to any port = smtp flags S keep state keep frags #pass in quick on eri0 proto tcp from any to any port = smtp flags S keep state keep frags #pass in quick proto tcp from any to any port = smtp flags S keep state pass in quick on eri0 proto tcp from any to any port = 80 flags S keep state keep frags pass in quick on eri0 proto tcp from any to any port = 110 flags S keep state keep frags pass in quick on eri0 proto tcp from 192.168.0.14 to any port = 22 flags S keep state keep frags pass in quick on eri0 proto tcp from 192.168.0.20 to any port = 22 flags S keep state keep frags pass in quick on eri0 proto icmp from any to any icmp-type 3 keep state keep frags pass in quick on eri0 proto icmp from any to any icmp-type 11 keep state keep frags how to fix it ? I am using solaris 9 and qmail for mail server.
