The outbound rule does have keep state on it, but the point is the
outbound rule should not even be necessary, pf defaults to pass unless a
block rule is given, there is no block out rule. once again this rule
set (minus the "pass out on $oif inet from $oip to any keep state" rule)
works perfectly on my OpenBSD firewalls.
Thanks
Jeff
Travis H. wrote:
Well this is a silly question, but perhaps traffic is being passed
out, but the responses can't get back in? It's not clear to me how
you expected responses to get in without a "keep state" on an outbound
rule.
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
