Date: Tue, 17 Jul 2001 16:23:24 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: User & Ian Patrick Thomas <ipthomas_77@yahoo.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: how could this PACKET get through?! Message-ID: <20010717160034.T96585-100000@cactus.fi.uba.ar> In-Reply-To: <20010717142652.A1048@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
When you "keep state" on UDP packets, the firewall automagically punches a hole to allow the reply. For example: pass out on tun0 proto udp from <local ip> to any port = 53 keep state If you do a dns query to, say 10.1.1.53 the packets coming from 10.1.1.53 port 53 will pass through the firewall, but packets from another ip won't. Fer On Tue, 17 Jul 2001, User & Ian Patrick Thomas wrote: > How do you keep state on UDP packets, when UDP is a stateless protocol? > > Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010717160034.T96585-100000>