pf's states
Victor Sudakov
vas at sibptus.ru
Mon Dec 2 13:46:30 UTC 2019
Artem Viklenko via freebsd-pf wrote:
> Hi!
>
> Check current state-policy - if-bound or floating.
I thought it was "floating" by default.
> If it if-bound, out rules needed. If floating - state should pass traffic in
> reverse direction.
Well, I configured "set state-policy floating" explicitly in pf.conf and
no, this did not help.
Uncommenting the "block.." rule prevents a tcp connection from
192.168.10.3 to 172.16.1.10:80" - why is that?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20191202/a67d9f5f/attachment.sig>
More information about the freebsd-pf
mailing list