Date: Wed, 30 Nov 2005 17:27:04 +0100 From: Roland Smith <rsmith@xs4all.nl> To: freebsd-questions@freebsd.org Subject: Re: pf blocking nfs Message-ID: <20051130162704.GA1587@slackbox.xs4all.nl> In-Reply-To: <20051130125225.GJ27673@merkur.atekomi.net> References: <60336.192.168.3.69.1133319528.squirrel@webmail.proficuous.com> <438D1894.90500@mac.com> <63871.192.168.3.69.1133320948.squirrel@webmail.proficuous.com> <438D1D95.7010503@mac.com> <65229.192.168.3.69.1133323019.squirrel@webmail.proficuous.com> <20051130125225.GJ27673@merkur.atekomi.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--ikeVEW9yuYc//A+q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 30, 2005 at 06:52:25AM -0600, Will Maier wrote: > On Tue, Nov 29, 2005 at 09:56:59PM -0600, Aaron P. Martinez wrote: > > > Aaron P. Martinez wrote: > [...] > > I realize i could just accept all udp packets from the NFS server or ev= en > > just ports 2049, but the underlying question is, why isn't my "keep sta= te" > > rule handling this. >=20 > I don't use pf (or NFS), but UDP is a stateless protocol. I wouldn't > be surprised if pf couldn't keep track of its state... It is supposed to work, except for FTP. Roland --=20 R.F.Smith (http://www.xs4all.nl/~rsmith/) Please send e-mail as plain text. public key: http://www.xs4all.nl/~rsmith/pubkey.txt --ikeVEW9yuYc//A+q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDjdLYEnfvsMMhpyURAmvpAJ4ik9DOyeOmVWmAXPl4f8X8j6BtUwCeNjjJ 6gVrdlQrQ8uZGsSjmr1vhl8= =0ZXh -----END PGP SIGNATURE----- --ikeVEW9yuYc//A+q--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051130162704.GA1587>