On 05/07/18 23:51, Martin Gignac wrote: >> It looks like 'received-on' would be a cleaner and shorter way to >> achieve my goal by allowing me to specify inbound and outbound >> interfaces in the same rule. >> > > I think I spoke to quickly; it would be an alternative way, but not a > shorter one as I would still need the initial "pass in lab01" I guess. I > just wouldn't have to tag it. > >> I usually do the filtering on the outbound interface and add a statement like the following the pass in all to be forwarded packets: pass in to !(self)
This way you don't have to add different rules for different tags. martijn@
