On Sunday 11 March 2007 16:44, Samuel Penn wrote:
> On Sunday 11 March 2007 16:33, Mat Grove wrote:
> > On Sun, 11 Mar 2007 14:13:53 +0000
> >
> > Samuel Penn <sam@???> wrote:
> > > Anybody have any ideas about how to start troubleshooting this?
> >
> > Get your firewall rules to log all the packets they drop and accept
> > and check to see if they are doing something that is breaking stuff? I'd
> > probably do this for my own sanity even if I didn't think the firewall
> > could be the culprit, just to be sure.
>
> If I switch off PF (the OpenBSD packet filter), then it all works. Time to
> read up on PF...
Found it. Changing
pass in log quick on $ExtIF inet proto tcp from any to any port $Services
to
pass in log quick on $ExtIF inet proto tcp from any to any port $Services keep state
got it all working. This hasn't changed for years, so presumably clients/kernels
have got more picky about what they accept recently.
Thanks to everyone for your suggestions (and to those who helped pick through
tcp dumps a few months back when I was encountered the issue).
--
Be seeing you, http://www.glendale.org.uk
Sam. Mail/IM (Jabber): sam@???
