[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: perceived strange behavior



I got a tcp dump of this occurring if anyone is interested in looking, I have not really had a chance to look at it yet....
It's in binary format. There was a flurry of ICMP going from this machine at the time also, I forgot to ask him to turn off everything else.


http://www.qosbox.com/tests/aim.dump.tgz



nb

On Sep 10, 2004, at 6:57 AM, Jason Opperisano wrote:

On Fri, 2004-09-10 at 03:11, Ryan McBride wrote:
On Thu, Sep 09, 2004 at 08:40:23PM -0400, Jason Opperisano wrote:
all use TCP Port 5190. all three connections appear to stay open once
connected. the simple solution appears to be to set a NAT rule that
only uses 1 translation IP for connections on TCP Port 5190.

Or use the 'sticky-address' keyword.

yes--precisely. the OP on "other firewall mailing list" was essentially
asking for pf's sticky-address feature.


forgot where i was posting there for second...

-j

=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~= ~
I hate it when my foot falls asleep during the day cause that means it's
going to be up all night. -- Steven Wright
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~= ~