David DeSimone wrote:
> You may want to consider adding "keep state" to your "block log" rules.
> If you keep state on the blocked packets, only the first packet that is
> blocked will get logged; the others will be blocked statefully without
> consulting the rulebase, which may save some processing time.
>
> Note that "keep state" is only implicit on "pass" rules, you must add it
> on "block" rules
Doesn't seem to work, it just gives "keep state on block rules doesn't
make sense" as an error.
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
