Date: Mon, 16 Nov 2009 02:11:02 -0800 From: =?iso-8859-1?Q?Ask_Bj=F8rn_Hansen?= <ask@develooper.com> To: freebsd-pf@freebsd.org Subject: Avoid keeping state of ntp requests Message-ID: <B4BDA459-66C1-4FC5-8C27-E090C3FD85E7@develooper.com>
next in thread | raw e-mail | index | archive | help
Hi, I'm trying to avoid keeping state of ntp requests to our ntp servers. They are on UDP and numerous, so it's just wasting a lot of space in the state table. I've tried various variations of 'pass quick', but some rule keeps adding state for the port 123 requests. I've put the full output of 'pfctl -sa' here: http://tmp.askask.com/2009/11/pf.txt Any ideas? - ask
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B4BDA459-66C1-4FC5-8C27-E090C3FD85E7>