Re: spurious synproxy warning from pfctl

2022-10-27 Thread Lyndon Nerenberg (VE7TFX/VE6BBM)
Stuart Henderson writes:
> "synproxy state" cannot work on outbound (for more details see
> https://marc.info/?l=openbsd-tech&m=160686649524095&w=2).
>
> Because pfctl is doing something other than what you asked it to do,
> IMO the warning makes sense.
>
> Alternatively it could be classed as an

Re: spurious synproxy warning from pfctl

2022-10-25 Thread Stuart Henderson
On 2022-10-24, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote:
> Given the rule
>
> pass proto tcp from any to mail.example.com \
> port { 25 80 110 143 443 587 993 } synproxy state
>
> pfctl barks
>
> /etc/pf.conf:586: warning: synproxy used for inbound rules only, ignored for
> outbo

Re: spurious synproxy warning from pfctl

2022-10-24 Thread dirk coetzee
  pass *in* proto tcp from any to mail.example.com \
      port { 25 80 110 143 443 587 993 } synproxy state

How hard can that be? A message saying synproxy is applied inbound and not outbound is necessary for those which might assume that synproxy is being applied eitherbound. You

spurious synproxy warning from pfctl

2022-10-24 Thread Lyndon Nerenberg (VE7TFX/VE6BBM)
Given the rule

  pass proto tcp from any to mail.example.com \
      port { 25 80 110 143 443 587 993 } synproxy state

pfctl barks

  /etc/pf.conf:586: warning: synproxy used for inbound rules only, ignored for outbound

It's pretty obvious from reading pf.conf(5) that the above is the