Re: 327w firewall "state" rule times out in 10sec?!?
So I've already mentioned that HTTP, HTTPS, and SSH fail after approximately 10 seconds of inactivity when I enable the state action in the outbound firewall.
However, NNTP (port 123) and DNS (port 53) fail unless I enable the state action in the firewall, or explicitly enable them for dynamic NAT. They fail because the inbound firewall drops them AFTER NAT does its magic and converts the destination IP. I don't understand the difference between how NAT handles SSH, HTTP, and HTTPS and how it handles NNTP and DNS. I suppose SSH, HTTP, and HTTPS are hard-coded for dynamic NAT even though they do not show up in the list of enabled NAT client services? And NNTP and DNS are not hard-coded and must be manually enabled?
And I still fail to understand how enabling the state action on HTTP, HTTPS, and SSH causes them to fail, even if they are using dynamic NAT.
3 04/06/2008 13:27:38 Inbound 1 RulesInDropAll Drop All Unsolicited Inbound
IP Packet Header:
Src Addr : 130.127.8.8 Dest Addr: 192.168.19.239
UDP Packet Header:
Src Port: 53 Dest Port: 49273
4 04/06/2008 13:27:28 Inbound 1 RulesInDropAll Drop All Unsolicited Inbound
IP Packet Header:
Src Addr : 17.254.0.27 Dest Addr: 192.168.19.239
UDP Packet Header:
Src Port: 123 Dest Port: 123
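
An added example, not part of the original post: a small Python parser for the log format quoted above that flags inbound drops which look like replies to outbound requests rather than unsolicited traffic. The heuristic (source port below 1024, private post-NAT destination address) and the handling of a TCP header line are assumptions; the post only shows UDP entries.

```python
import ipaddress
import re

# The two log entries quoted in the post, embedded as sample input.
SAMPLE_LOG = """\
3 04/06/2008 13:27:38 Inbound 1 RulesInDropAll Drop All Unsolicited Inbound
IP Packet Header:
Src Addr : 130.127.8.8 Dest Addr: 192.168.19.239
UDP Packet Header:
Src Port: 53 Dest Port: 49273
4 04/06/2008 13:27:28 Inbound 1 RulesInDropAll Drop All Unsolicited Inbound
IP Packet Header:
Src Addr : 17.254.0.27 Dest Addr: 192.168.19.239
UDP Packet Header:
Src Port: 123 Dest Port: 123
"""

ENTRY = re.compile(r"^(\d+) (\d\d/\d\d/\d{4} \d\d:\d\d:\d\d) (\w+) \d+ (\S+) ")
ADDRS = re.compile(r"Src Addr\s*:\s*(\S+)\s+Dest Addr\s*:\s*(\S+)")
PORTS = re.compile(r"Src Port\s*:\s*(\d+)\s+Dest Port\s*:\s*(\d+)")
PROTO = re.compile(r"^(UDP|TCP) Packet Header:")  # TCP is assumed, not shown in the post

def parse_entries(text):
    """Turn the multi-line log text into one dict per dropped packet."""
    entries, cur = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if m := ENTRY.match(line):
            cur = {"seq": int(m[1]), "time": m[2], "dir": m[3], "rule": m[4]}
            entries.append(cur)
        elif cur is None:
            continue  # header detail with no preceding entry line
        elif m := ADDRS.search(line):
            cur["src"], cur["dst"] = m[1], m[2]
        elif m := PROTO.match(line):
            cur["proto"] = m[1]
        elif m := PORTS.search(line):
            cur["sport"], cur["dport"] = int(m[1]), int(m[2])
    return entries

def looks_like_reply(e):
    """True for an inbound drop from a well-known service port (<1024)
    to a private address, i.e. a reply that arrived without matching state."""
    if e.get("dir") != "Inbound" or "dst" not in e or "sport" not in e:
        return False
    return e["sport"] < 1024 and ipaddress.ip_address(e["dst"]).is_private

if __name__ == "__main__":
    for e in parse_entries(SAMPLE_LOG):
        print(e["time"], e["proto"], e["src"], e["sport"], "->", e["dst"],
              e["dport"], "reply-like" if looks_like_reply(e) else "unsolicited")
```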