pf randomly blocks specific packets?
Jeremy Chadwick
koitsu at FreeBSD.org
Tue Jul 29 11:33:28 UTC 2008
On Tue, Jul 29, 2008 at 11:52:24AM +0200, Peter Wullinger wrote:
> Nejc ?koberne wrote:
>> pass in quick on $int_Trust from $addr_sysSvarun to any keep state
> Note: You can remove "keep state". This is implicit for newer version of pf.
>> pass quick on $int_Loop all
>> pass quick on $int_Jails all
> Note: These keep state, see above. You might want to add "no state" here,
> to decrease state table usage.
Or better use, use "set skip on $int_Loop $int_Jails", and avoid having
pf process any of them.
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-pf
mailing list