PFsync & RDR/NAT
Thomas Steen Rasmussen
thomas at gibfest.dk
Fri Mar 18 16:08:23 UTC 2011
On 18.03.2011 12:31, Melissa Jenkins wrote:
> Hiya,
>
> I was wondering if anybody knew how to stop the states generated by RDR and NAT rules from synchronising over PFSYNC?
>
> In particular I have an RDR for DNS traffic. The states this produces don't need to be synchronised between the two machines, but I can't figure out how to stop this. Adding the (no state) flags to the pass rule doesn't stop the states from being synchronised.
Hello,
You need the no-sync keyword on the state options,
check man pf.conf(5).
Best regards
Thomas Steen Rasmussen
More information about the freebsd-pf
mailing list