
I am configuring ipfw for a local mail server. Everything works fine at first, but after a while (anywhere from a couple of hours to a day and a half) it starts misbehaving: mail from other domains still arrives, but mail from my server to other domains is no longer delivered. Reloading or shutting down ipfw immediately solves the problem. Mail inside my own domain keeps working. My mail stack is Postfix, Dovecot and MySQL. Here are my rules:

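#!/bin/sh
# Stateless ipfw ruleset for a mail/web host whose only filtered interface
# is em0. Packets that match none of the rules below fall through to ipfw's
# built-in final rule; this script presumably relies on that rule being
# "deny" -- confirm with `ipfw list` on the host.

# Wrapper instead of an unquoted "${cmd}" string, so arguments are passed
# through without relying on word splitting.
fw() {
  /sbin/ipfw -q "$@"
}

fw -f flush

# loopback: allow traffic on lo0, drop loopback addresses seen anywhere else
fw add 10 allow ip from any to any via lo0
fw add 11 deny ip from any to 127.0.0.0/8
fw add 12 deny ip from 127.0.0.0/8 to any

# NOTE(review): "established" matches on TCP flags (RST or ACK set), not on
# tracked connection state, so any such segment is accepted on any port.
# check-state/keep-state is the stateful alternative.
fw add 20 allow tcp from any to any established

# table of hosts allowed to reach ssh
table_ssh=22
fw table "$table_ssh" flush
fw table "$table_ssh" add 192.168.0.48

# icmp: LAN only (both rules share number 30, which ipfw permits)
# NOTE(review): ICMP errors from remote hosts (e.g. "fragmentation needed")
# are not matched here and fall through to the final rule -- confirm this is
# intended, since it affects outbound TCP sessions to remote mail servers.
fw add 30 allow icmp from 192.168.0.0/24 to me
fw add 30 allow icmp from me to 192.168.0.0/24

# ssh: only from the table above; log and drop everything else
fw add 40 allow tcp from "table(${table_ssh})" to me 22 in via em0
fw add 41 deny log tcp from any to me 22 in via em0

# mail, web: blocked for 192.168.1.0/24, open to everyone else
fw add 50 deny tcp from 192.168.1.0/24 to me 25,110,143,80 in via em0
fw add 51 allow tcp from any to me 25,110,143,80 in via em0

# server's own outbound traffic
fw add 60 allow ip from me to any out via em0

# DNS over UDP
# Rule 61 never matches: rule 60 already allows all outbound IP on em0.
fw add 61 allow udp from me to any dst-port 53 out via em0
# NOTE(review): this accepts UDP to any local port as long as the sender
# picks source port 53. A keep-state rule on the outbound query (with a
# check-state near the top) would admit only replies to queries actually sent.
fw add 62 allow udp from any to me src-port 53 in via em0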
