pf creating states by default now?
Remko Lodder
remko at FreeBSD.org
Sun Sep 7 15:30:02 UTC 2008
Yar Tikhiy wrote:
>
>
> Looks like pfctl or pf itself added stateful semantics to my pf.conf
> that weren't there initially. Is this effect intended and, if so, how
> can I tell pf not to create states from certain rules?
>
> Thanks! And excuse me if I'm just missing something.
>
> Yar
>
Hi Yar,
Yes since 7.0 this behaviour is intented. flags S/SA and keep state are
implied now. If you do not want to use them you set ''no state'' to get
rid of the statefull filter. I think that also grabs the flags S/SA
because that tells you when the statefull filter is being setup.
Hope this helps,
remko
--
/"\ Best regards, | remko at FreeBSD.org
\ / Remko Lodder | remko at EFnet
X http://www.evilcoder.org/ |
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
More information about the freebsd-pf
mailing list