Date: Tue, 27 Jun 2006 13:39:41 +0300 From: "N. Ersen SISECI" <siseci@gmail.com> To: freebsd-pf@FreeBSD.org Subject: Keep State is not working on 6.1-RELAESE-p1 Message-ID: <44A10AED.6040606@gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, There seems to be a problem with the "keep state" handling with my pf on FreeBSD 6.1-RELEASE-p1. My first rule is pass in all with keep state. But the packets do not seem to be able pass out from the other interface. If i change the last block's to "pass" everything works fine. It seems that the state table is always on if-bound'ed??? Is there a solution for this problem, or do I miss a configuration with kernel, pf, pf.conf etc... ??? or is this a bug :) Please help... Here is my rules, set state-policy floating pass in log quick proto tcp from any to any keep state block in log quick all block out log quick all These are pf log lines; 2006-06-27 15:22:27.188969 rule 0/0(match): pass in on bge0: 192.168.9.99.60248 > 10.0.0.2.22: S, cksum 0xc573 2006-06-27 15:22:27.188986 rule 2/0(match): block out on em0: 192.168.9.99.60248 > 10.0.0.2.22: S, cksum 0xc573 N. Ersen SISECI http://www.enderunix.org EnderUNIX SDT @ Turkey
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44A10AED.6040606>