From: Jille
Date: Wed, 07 May 2008 22:49:56 +0200
To: Ansar Mohammed
Cc: freebsd-pf@freebsd.org
Subject: Re: UDP weirdness

Ansar Mohammed wrote:
> Ok, so adding the line as you suggested worked.
> Thanks Kevin.
>
> But why do I need to have both entries in for
>
> pass in proto udp from any to any port 53
> pass out proto udp from any to any port 53
>
> what makes UDP so special?

UDP is stateless.
With TCP you've got a connection (identified by: local host:port and remote host:port).
With UDP, well, you just throw the packages over the line, and hope there is (still) someone on the other end.
So there is (almost) no way to detect whether packets are responses to each other.

-- 
Jille
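
The "(almost)" in the reply above, shown as an added example that is not part of the original message and is not pf's code: the one thing a filter can match a UDP answer on is the mirrored address/port tuple of a datagram it saw recently. The class name, the addresses and the 30-second timeout are assumptions made for this sketch.

```python
# Added illustration (not from the thread, not pf's code): a toy model of the
# only handle a filter has on UDP "replies", the reversed address/port tuple
# seen recently. All names, addresses and the timeout are constructed.
from typing import NamedTuple

class Datagram(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

UDP_TIMEOUT = 30.0  # seconds; assumed value for this sketch

class UdpPseudoState:
    """Remember outbound UDP flows so that matching inbound datagrams pass."""
    def __init__(self, timeout: float = UDP_TIMEOUT):
        self.timeout = timeout
        self.flows = {}  # (local, lport, remote, rport) -> last-seen time

    def outbound(self, d: Datagram, now: float) -> str:
        # Policy in this sketch: outbound DNS queries are allowed and recorded.
        if d.dport != 53:
            return "block"
        self.flows[(d.src, d.sport, d.dst, d.dport)] = now
        return "pass"

    def inbound(self, d: Datagram, now: float) -> str:
        # A "reply" is only a datagram whose tuple mirrors a recent outbound
        # one; UDP itself carries no handshake or sequence numbers to check.
        key = (d.dst, d.dport, d.src, d.sport)
        seen = self.flows.get(key)
        if seen is None or now - seen > self.timeout:
            self.flows.pop(key, None)  # drop an aged-out entry, if any
            return "block"
        self.flows[key] = now
        return "pass"

def demo() -> list:
    fw = UdpPseudoState()
    query = Datagram("192.0.2.10", 40000, "198.51.100.53", 53)
    reply = Datagram("198.51.100.53", 53, "192.0.2.10", 40000)
    stray = Datagram("203.0.113.7", 53, "192.0.2.10", 40000)
    return [
        fw.outbound(query, now=0.0),  # recorded
        fw.inbound(reply, now=0.2),   # mirrored tuple, recent
        fw.inbound(stray, now=0.3),   # port matches, source address does not
        fw.inbound(reply, now=60.0),  # same tuple, but the entry has aged out
    ]
```

Without such a table, each direction has to be allowed by its own rule, which is the two-rule setup quoted in the question.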