On Thu, Nov 08, 2007 at 08:08:52PM +0100, Dag-Erling Sm??rgrav wrote: > Given appropriate definitions for $eth and $lan, you'd expect the > following rule to simply pass all traffic originating from and destined > for the LAN: > > pass on $eth from $lan to $lan > > However, in pf, "keep state" is *implicit* (why?), so you'd expect it to > turn into something like this:
I think this was turned on in the OpenBSD as of 4.0 i think. Default keep state. To negate this behavour in OpenBSD pf you can add no state : pass on $eth from $lan to $lan no state I'me not sure if this also works on FreeBSD Regards -- Microsoft: Where do you want to go today? Linux: Where do you want to go tomorrow? FreeBSD: Are you guys coming or what? OpenBSD: Hey guys you left some holes out there! _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
