[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

synproxy problem




I tried to implement synproxy the other day and found that some of our clients couldn't connect to our http servers.


	pass in quick on $ext inet proto tcp \
   	from any port $safe to $httpdservers port http \
   	flags S/SA synproxy state

I'm including my http server rules just in case my problem is the has something to do with them.

	pass in quick on $ext inet proto tcp \
	from any port $safe to $httpdservers port http \
	flags S/SA keep state

	pass out quick on $ext inet proto tcp \
	from $httpdservers port http to any port $safe \
	flags S/SA keep  state


Do I need to change the flags and state declaration to something other than S/SA keep state, should it be SA/SA keep state?