Date: Wed, 30 Nov 2005 06:52:25 -0600 From: Will Maier <willmaier@ml1.net> To: freebsd-questions@freebsd.org Subject: Re: pf blocking nfs Message-ID: <20051130125225.GJ27673@merkur.atekomi.net> In-Reply-To: <65229.192.168.3.69.1133323019.squirrel@webmail.proficuous.com> References: <60336.192.168.3.69.1133319528.squirrel@webmail.proficuous.com> <438D1894.90500@mac.com> <63871.192.168.3.69.1133320948.squirrel@webmail.proficuous.com> <438D1D95.7010503@mac.com> <65229.192.168.3.69.1133323019.squirrel@webmail.proficuous.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Nov 29, 2005 at 09:56:59PM -0600, Aaron P. Martinez wrote:
> > Aaron P. Martinez wrote:
[...]
> I realize i could just accept all udp packets from the NFS server or even
> just ports 2049, but the underlying question is, why isn't my "keep state"
> rule handling this.
I don't use pf (or NFS), but UDP is a stateless protocol. I wouldn't
be surprised if pf couldn't keep track of its state...
--
o--------------------------{ Will Maier }--------------------------o
| jabber:..wcmaier@jabber.ccc.de | email:..........wcmaier@ml1.net |
| \.........wcmaier@cae.wisc.edu | \..........wcmaier@cae.wisc.edu |
*------------------[ BSD Unix: Live Free or Die ]------------------*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051130125225.GJ27673>