On 5/12/05, Anders Hagman <anders dot hagman at netplex dot se> wrote:
> Hi
> 
> One more time:
> 
> I had no trouble with outgoing or incomming mail, out or in surf, out or in
> ftp and so on before switching the IP address on the WAN interface.
> Everything have bin working for over one year.
> 
> After the switch from PPPoE to static address, I can still surf, send mail
> (this for instans) and so on. But nobody can send an email to my server
> through the firewall. The NAT roule is unchanged, stating port 25 should be
> forwarded to my public mail server with the address 10.2.34.5 on port 25. A
> filter roule is also stated to allow the incomming packet heading for my
> mail
> server (auto generated). And it does, the packet reaches the server.
> 
> So far everything is as normal. But when my server responds to the SYN
> packet
> from the client the firewall drops the packet not matching it with the
> state
> table.
> 
> As I see it the statefull packet inspection does not work.
> 

Can you send your config.xml, either offlist to me in an email or back
to the list?  Copy it off of /status.php so the passwords are removed.
 This isn't possible, so you have to have something wrong in the
config, and that's the easiest way to find out what.

-Chris