Date: Tue, 27 Jun 2006 15:29:23 +0200 From: Daniel Hartmeier <daniel@benzedrine.cx> To: "N. Ersen SISECI" <siseci@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: Keep State is not working on 6.1-RELAESE-p1 Message-ID: <20060627132923.GE14502@insomnia.benzedrine.cx> In-Reply-To: <44A10A44.1070602@gmail.com> References: <44A10A44.1070602@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 27, 2006 at 01:36:52PM +0300, N. Ersen SISECI wrote: > My first rule is pass in all with keep state. But the packets do not > seem to be able pass out from the other interface. If i change the last > block's to "pass" everything works fine. It seems that the state table > is always on if-bound'ed??? > > Is there a solution for this problem, or do I miss a configuration with > kernel, pf, pf.conf etc... ??? or is this a bug :) Neither, your interpretation of 'floating' does not match reality, see http://marc.theaimsgroup.com/?l=openbsd-pf&m=114372425614238&w=2 In short, create two state entries per connection. Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060627132923.GE14502>