Using the following rule,
Code:
pass in on inside inet proto tcp \
from (inside:network) to any \
tag OK2OUT flags S/FSRA keep state
pass out on outside inet \
tagged OK2OUT modulate state
FIREFOX 3.5.5 fails to open new sessions. IE opens sessions just fine.
Using,
Code:
pass in on inside inet proto tcp \
from (inside:network) to any \
tag OK2OUT flags S/SA modulate state
FIREFOX succeeds (IE as well).
Upgraded to pf v4.6 over the weekend. It was working under pf v4.5.
Has anyone else stubbed their toe on this or its like?
/S