Paul B. Henson (hen...@acm.org) on 2020.06.07 15:23:16 -0700:
> On 6/5/2020 11:15 PM, obs...@loopw.com wrote:
>
> >1) “egress” can be used to reference the external nic in a rule,
> >instead of having a specific IP. Egress is defined as the nic with
> >the default route. pass in quick log on
On 6/5/2020 11:15 PM, obs...@loopw.com wrote:
1) “egress” can be used to reference the external nic in a rule,
instead of having a specific IP. Egress is defined as the nic with
the default route.

pass in quick log on egress inet proto tcp to (egress) port 22
Ah, I think I seen that in the p
> What if two systems being used as redundant firewalls had different network
> cards? This would make the names of the interfaces different, resulting in
> rule sets that were not the same, preventing per-rule state timeouts from
> being properly applied.
Where is it documented that in order for pfsync to properly synchronize
rule specific state timeouts that the rule sets on the systems being
synchronized must be *exactly* the same?
I have a pair of redundant firewalls synchronizing state, and recently
added a couple rules that increase the de