Date: Wed, 04 Feb 2015 13:38:24 +0800 From: Julian Elischer <julian@freebsd.org> To: lev@FreeBSD.org, freebsd-ipfw <freebsd-ipfw@freebsd.org>, freebsd-net <freebsd-net@freebsd.org> Cc: melifaro@FreeBSD.org Subject: Re: [RFC][patch] New "keep-state-only" option Message-ID: <54D1B050.2040706@freebsd.org> In-Reply-To: <54D1AF04.8050106@freebsd.org> References: <54D0F39B.4070707@FreeBSD.org> <54D1AF04.8050106@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/4/15 1:32 PM, Julian Elischer wrote: > On 2/4/15 12:13 AM, Lev Serebryakov wrote: >> >> And variants with multiple NATs and "nat global" becomes as easy as >> this, too! No stupid "skipto", no "keep-state" at "incoming from local >> network" parts of firewall, nothing! >> >> P.S. I HATE this "all any to any" part! > can we get rid of it? (implied).. or just add "everything" > also I am not sure about "keep-state-only".. > how about 'set-state'? or record-state as I started with.. or record-session.. (state always annoyed me) > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54D1B050.2040706>