On 05/03/2024 09:11, Eugene M. Zheganin wrote:
> Hello,
>
> I hope the following is self-explanatory:
>
> pfctl -vs rules:
>
>   [...]
>   pass quick proto tcp all flags A/A no state
>     [ Evaluations: 1125881 Packets: 972814 Bytes: 421350757 States: 82 ]
>     [ Inserted: uid 0 pid 28187 State Creations: 82 ]
>
> man pf.conf:
>
>   pass    The packet is passed; state is created unless the no state
>           option is specified.
>
> Why does this rule create states? Am I misreading/misunderstanding the
> part "state is created unless the no state option is specified"?

Also from the man page, a few lines after your citation:

  By default pf(4) filters packets statefully; the first time a packet
  matches a pass rule, a state entry is created; for subsequent packets
  the filter checks whether the packet matches any state.

Kind regards
Miroslav Lachman
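
A check for the mismatch reported in this thread, as an added example that is not part of either message: it parses `pfctl -vs rules` output and lists rules that carry `no state` while their counters still show states. The counter layout is taken from the output quoted above; the function names and the second and third sample rules are constructed for illustration.

```python
import re

# Constructed sample of `pfctl -vs rules` output. The first rule and its
# counters are the ones quoted in the thread (including the mail-wrapped
# "States:" line); the other two rules are constructed.
SAMPLE = """\
pass quick proto tcp all flags A/A no state
  [ Evaluations: 1125881 Packets: 972814 Bytes: 421350757 States:
82 ]
  [ Inserted: uid 0 pid 28187 State Creations: 82 ]
pass in proto udp from any to any port = 53 no state
  [ Evaluations: 5120 Packets: 310 Bytes: 24800 States: 0 ]
  [ Inserted: uid 0 pid 28187 State Creations: 0 ]
pass out proto tcp all flags S/SA keep state
  [ Evaluations: 9000 Packets: 7000 Bytes: 560000 States: 12 ]
  [ Inserted: uid 0 pid 28187 State Creations: 40 ]
"""

COUNTER = re.compile(r"(Evaluations|Packets|Bytes|States|State Creations):\s*(\d+)")

def parse_rules(text):
    """Return [(rule_text, {counter: value})] for each rule in the output."""
    rules, depth = [], 0
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if depth == 0 and not line.startswith("["):
            rules.append([line, ""])      # a new rule line starts a record
            continue
        if rules:
            rules[-1][1] += " " + line    # counter block, possibly wrapped
        # Track open brackets so a wrapped counter line is not taken for a rule.
        depth = max(0, depth + line.count("[") - line.count("]"))
    return [(r, {k: int(v) for k, v in COUNTER.findall(c)}) for r, c in rules]

def no_state_rules_with_states(text):
    """Rules marked `no state` whose state counters are nonzero."""
    hits = []
    for rule, c in parse_rules(text):
        states, created = c.get("States", 0), c.get("State Creations", 0)
        if re.search(r"\bno state\b", rule) and (states or created):
            hits.append((rule, states, created))
    return hits

if __name__ == "__main__":
    for rule, states, created in no_state_rules_with_states(SAMPLE):
        print(f"{rule}  (States: {states}, State Creations: {created})")
```

On a live system the same functions can be given the captured text of `pfctl -vs rules` instead of `SAMPLE`.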