* Bernd Bornkessel <bbornkes...@dunkel.de> [2011-01-05 11:59]: > In pf's state table I see two records - one for each direction of the > connection.
and the accumulated data from the state is what pflow exports, so it is all as intended. usually, you do your real filtering on one side of the firewall (usually there are areas that can be called "inside" and "outside" - tho in some cases, there are many many inside networks, countless vlans in my case). the other side you do some antispoof and firewall self-protection. pick one side for pflow. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
