2010/1/8 Olivier Thibault <olivier.thiba...@lmpt.univ-tours.fr>: >> # keep stats of outging connections >> pass out keep state > > This rule allows everything out and next outgoing rules won't be checked as > this one first match.
That's incorrect, pf does the opposite and uses the *last* match - at least that's what the documentation says... http://www.openbsd.org/faq/pf/filter.html The quick keyword is used for shortcut evaluation. _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
