pf blocking nfs
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Wed Nov 30 16:40:15 GMT 2005
Will Maier <willmaier at ml1.net> writes:
> On Tue, Nov 29, 2005 at 09:56:59PM -0600, Aaron P. Martinez wrote:
> > > Aaron P. Martinez wrote:
> [...]
> > I realize i could just accept all udp packets from the NFS server or even
> > just ports 2049, but the underlying question is, why isn't my "keep state"
> > rule handling this.
>
> I don't use pf (or NFS), but UDP is a stateless protocol. I wouldn't
> be surprised if pf couldn't keep track of its state...
No, that's a big part of *why* you want pf to keep track of its state.
More information about the freebsd-questions
mailing list