On Jun 6, 2005, at 3:00 PM, Kelley Reynolds wrote:
On Jun 6, 2005, at 9:27 AM, Jason Dixon wrote:
Sorry, missed your comment before about only having that one rule.
Well, I'm sure that the rule you've posted will cause you headaches
since it's filtering on all interfaces. Try the following rule:
pass on rl0 keep state
This should create the necessary states, both inbound and outbound,
for all traffic. The rule you've attempted not only filters and
keeps state on *all* interfaces, but it neglects inbound traffic
Man, how I wish that would've worked. Same problem.. FTP dies at 96K.
That number has to be significant for something, it's the same every
time.
You mention that this happens whether the FTP server is on the other
side of the bridge or not. Please describe the tests you've performed
and where each host resides with regards to the topology. Also, have
you tested this with other protocols like scp?
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
