On 2008/11/12 14:35, Vivek Ayer wrote: > then, what about this: pass on $carpdev proto carp keep state
the "proto carp" packets are all strictly on the parent interfaces, that is the only place you need to pass them. > Looks like it's filtering on the $carpdev, which is carp0 and carp1 in > this case. $carpdev would be a pf.conf macro and could be anything, I don't have a copy of the book and http://home.nuug.no/~peter/pf/en/ doesn't talk about carp in pf.conf so I can't check how it's used there. I think most people using the term carpdev would use it in the sense it's described in carp(4), i.e. the "interface the carp device attaches to." > It's just what I read in the pf book. I'd like to resolve > this soon so I can go ahead an launch my website. I feel like there's > a lot of carp in the pf files. I need to lean it down a little. That > might be causing all these problems. the only time I use the carp interface in pf.conf is for address specification, "pass to (carp80)" etc.
