UDP weirdness

Jille jille at quis.cx
Wed May 7 20:50:13 UTC 2008



Ansar Mohammed wrote:
> Ok, so adding the line as you suggested worked. 
> Thanks Kevin.
> 
> But why do I need to have both entries in for 
> 
> pass in proto udp from any to any port 53
> pass out proto udp from any to any port 53
> 
> what makes UDP so special?
UDP is stateless.
With TCP you've got a connection (identified by: local host:port and 
remote host:port).
With UDP, well, you just throw the packages over the line, and hope there 
is (still) someone on the other end.

So there is (almost) no way to detect whether packets are responses to 
each other.

-- Jille
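
The matching problem described in this reply, as an added example that is not part of the original post and is not pf's code: with no handshake or teardown to observe, the most a filter can do for UDP is remember the address/port tuple of a packet it let out and treat the mirrored tuple as a reply until a timer expires. The class and function names, the 30-second timeout and the documentation-range addresses are assumptions made for this sketch.

```python
from dataclasses import dataclass

UDP_TIMEOUT = 30.0  # seconds; assumed value for this sketch


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class UdpStateTable:
    """Remembers outbound flows so a mirrored tuple can be treated as a reply."""

    def __init__(self, timeout=UDP_TIMEOUT):
        self.timeout = timeout
        self.flows = {}  # (src, sport, dst, dport) -> time last seen

    def outbound(self, pkt, now):
        # Mirrors "pass out proto udp ... port 53": allow the query, record it.
        if pkt.dport != 53:
            return False
        self.flows[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now
        return True

    def inbound(self, pkt, now):
        # A reply is only recognisable as the mirror image of a recorded flow.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        seen = self.flows.get(key)
        if seen is None or now - seen > self.timeout:
            # UDP has no FIN/RST, so expiry is the only way a flow ends.
            self.flows.pop(key, None)
            return False
        self.flows[key] = now
        return True


def demo():
    table = UdpStateTable()
    # Constructed sample packets (documentation address ranges).
    query = Packet("192.0.2.10", 40000, "198.51.100.53", 53)
    reply = Packet("198.51.100.53", 53, "192.0.2.10", 40000)
    stray = Packet("198.51.100.53", 53, "192.0.2.10", 40001)
    return [
        table.outbound(query, now=0.0),   # query leaves, flow recorded
        table.inbound(reply, now=0.2),    # mirrored tuple, within timeout
        table.inbound(stray, now=0.3),    # wrong port, no recorded flow
        table.inbound(reply, now=100.0),  # same tuple, but the entry expired
    ]
```

Anything that arrives with the right tuple inside the timeout is accepted, which is why this is a heuristic rather than real connection tracking.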

