> On 15 Jun 2023, at 16:26, Kapetanakis Giannis <bil...@edu.physics.uoc.gr> > wrote: > After applying some keep state (if-bound) on major rules, I 've already found > a problem. > > pfsync. > > It copies the interface. The interfaces are different on the backup firewall > so the states will not match if I demote master. > > Anyway to overcome this? Maybe filtering with same group name that is the > same on both firewalls?
Yes, I was going to suggest creating interface groups and referencing those in your rules instead of interfaces. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
