Re: Can't SSH into CARP'd system from the outside

[Vivek Ayer]

i don't think I understand. Clarify. you mean carpdev is like your
physical interface..eth0, re0, etc.?

On Wed, Nov 12, 2008 at 12:40 AM, Marco Pfatschbacher <[EMAIL PROTECTED]> wrote:
> On Tue, Nov 11, 2008 at 03:53:54PM -0800, Vivek Ayer wrote:
> [...]
>> # macros
> [...]
>> carpdevs = "{ carp0 , carp1 }"
> [...]
>> # pass rules
> [...]
>> pass in on $carpdevs inet proto tcp from any to ($ext_if) \
>>    port $tcp_services flags S/SA keep state # Allow SSH Access from Outside
>
>
> just from a quick glance:
> pf(4) never filters on carp interfaces, but on carp's physical
> interface (aka carpdev).