pf creating states by default now?
Chris Smith
pf_free at chrissmith.org
Sun Sep 7 21:09:11 UTC 2008
On Sunday 07 September 2008 04:53:20 pm Yar Tikhiy wrote:
> And in OpenBSD-current the manpage still reads: "...keep state
> must be specified explicitly to apply [stateful tracking] options
> to a rule."
Not in the -current running here. The manpage reads:
"A number of options related to stateful tracking can be applied on a per-rule
basis. keep state, modulate state and synproxy state support these options,
and keep state must be specified explicitly to apply options to a rule."
And the "options" referred to are listed in that section, such as max,
timeout, no-sync, sloppy, etc. If you're not applying the options, keep state
is implied.
More information about the freebsd-pf
mailing list