On Thu, 2007-03-15 at 01:39 +0000, Stuart Henderson wrote:
> feed the rule into "pfctl -nvf -" and see how it's expanded.
basically what you would expect...
$ pfctl -nvf -
pass out on bge0 from <inside> to { !<outside> , !<llcidr> } tagged
INSIDE keep state flags S/SA
pass out on bge0 from <inside> to ! <outside> flags S/SA keep state
tagged INSIDE
pass out on bge0 from <inside> to ! <llcidr> flags S/SA keep state
tagged INSIDE
^C
$
i'm just a bit baffled by this one considering these are the first and
only 'pass out' rules on my external interface and I'm not using the
'quick' keyword anywhere but on the 'pass in' rule on my internal
interface. so, shouldn't these be getting evaluated?
thanks.
ryanc
--
Ryan Corder <[EMAIL PROTECTED]>
Systems Engineer, NovaSys Health LLC.
501-219-4444 ext. 646
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
