On 2024-03-05 09:11, Eugene M. Zheganin wrote:
pass quick proto tcp all flags A/A no state[ Evaluations: 1125881 Packets: 972814 Bytes: 421350757 States: 82 ][ Inserted: uid 0 pid 28187 State Creations: 82 ]man pf.conf:pass The packet is passed; state is created unless the no state option is specified.Why does this rule create states ? Am I misreading/misunderstanding the part "state is created unless the no state option is specified" ?
Any chance there's nat, binat or rdr involved? Usage of NAT forces stateful tracking, even if the passing rule declars stateless tracking.
-- | pozdrawiam / regards | Powered by macOS, Debian and FreeBSD | | Kajetan Staszkiewicz | www: http://vegeta.tuxpowered.net | `----------------------^--------------------------------------'
OpenPGP_signature.asc
Description: OpenPGP digital signature
