Date: Mon, 16 Nov 2009 18:44:13 +0800 From: Denny Lin <dennylin93@cnmc32.hs.ntnu.edu.tw> To: freebsd-pf@freebsd.org Subject: Re: Avoid keeping state of ntp requests Message-ID: <20091116104413.GA32966@mx.hs.ntnu.edu.tw> In-Reply-To: <B4BDA459-66C1-4FC5-8C27-E090C3FD85E7@develooper.com> References: <B4BDA459-66C1-4FC5-8C27-E090C3FD85E7@develooper.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm trying to avoid keeping state of ntp requests to our ntp servers. They are on UDP and numerous, so it's just wasting a lot of space in the state table. > > I've tried various variations of 'pass quick', but some rule keeps adding state for the port 123 requests. I've put the full output of 'pfctl -sa' here: Have you tried adding "no state" at the end of the rule? This way they aren't added to the state table. -- Denny Lin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091116104413.GA32966>