On 4/10/06, James Nachlin <[EMAIL PROTECTED]> wrote: > I'm having a strange situation where I'm getting back errors when > connecting to a web server (lighttpd) from IE, which I do not get from > firefox and I don't get connecting directly, not through the pf firewall. > > To the client, this appears as slow connections or dropped connections. > Looking at the traffic with Ethereal, the main difference seems to be > the presence of tons of packets with the RST flag set.
This fits with IE's known TCP stupidity. IE can assume it's talking to a IIS server and together they leave and/or assume TCP sessions that are stil open past the point that PF would drop the state. If you're currently doing "block drop" you could try block return, which should get things working a bit quicker. Alternately, the pf.conf would also help a lot. > At the risk of providing too much information, I'm attaching cap files. > Hope this list doesn't strip attachments. Umm, 350K of attachments to a mailing list... I'm certainly glad I'm not hosting this mailing list. Anything over about 20K I'd suggest posting on an ftp/htp server somewhere. -- Jon Simola Systems Administrator ABC Communications
