> 21. jul. 2020 kl. 19:06 skrev Daniel Jakots <d...@chown.me>:
>> Your ‘modulate state’ overrides the default. As you have seen, on
>> non-default rules you need to add any options explicitly.
>
> Are you sure?
> I have a working (AFAIK) pflow setup and I also have
> pass out log on $ext_if proto { tcp, udp } all modulate state
>
> (I checked the rule is used because if I comment it the outgoing
> traffic doesn't go anymore)The only way to be sure is to look at the actually loaded rule set (systat rules or pfctl -vnf pf.conf), the boxes I have within easy reach do not use these features at the moment, I’m afraid. All the best, — Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
signature.asc
Description: Message signed with OpenPGP
