At 07:56 PM 5/31/2007, Sandwich Maker wrote:
i wonder if it's the flags, and they're not handling tcp handshaking quite pukka?
Perhaps. Except that....I just found that the change I made did *not* fix the problem. I'm not sure what I did that gave me the impression it was fixed - possibly left the 'pass in out all' ruleset in place. Argh.
So, I'm back to square one. I'm going to run verbose snoops while the blocking is in effect.
Question in terms of list etiquette - rather than posting a huge packet dump to the list, is it acceptable to post the file on my website, and provide a link to it? Possibly more importantly - is doing so desireable?
Paul Theodoropoulos http://www.anastrophe.com
