On 05/03/2024 11:30, Eugene M. Zheganin wrote:
Hello,
On 05.03.2024 14:29, Miroslav Lachman wrote:
Why does this rule create states ? Am I misreading/misunderstanding
the part "state is created unless the no state option is specified" ?
Also from the man page, few lines after your citation:
By default pf(4) filters packets statefully; the first time a packet
matches a pass rule, a state entry is created; for subsequent packets
the filter checks whether the packet matches any state.
I'm failing to see how this can explain state creation by a rule that
clearly shouldn't create any states at all. Furthermore, state are
(usually) created by a packet with SYN flag, in case of TCP.
I am sorry, you are right. I missed the part of your message with 82
states. I have no explanation for that.
Kind regards
Miroslav Lachman
