Date: Wed, 31 Jan 2007 11:58:41 -0800 From: James Long <stable@museum.rain.com> To: Stefan Lambrev <stefan.lambrev@sun-fish.com> Cc: freebsd-stable@freebsd.org Subject: Re: impossible rc.d ordering problem with stf and pf ? Message-ID: <20070131195841.GA75352@ns.umpquanet.com> In-Reply-To: <45C045B0.1060108@sun-fish.com> References: <20070130120050.899B816A4BF@hub.freebsd.org> <20070131004234.GA13590@ns.umpquanet.com> <45C045B0.1060108@sun-fish.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 31, 2007 at 09:30:56AM +0200, Stefan Lambrev wrote: > Hello, > > >> pass out on (stf0) inet6 from any to any keep state > >> > > > >Just for my edification, what is the point of "keep state" on an > >"any-to-any" rule? > > > > > imagine that you have only 2 rules - > block in on $if all > pass out on $if from any to any keep state > > - with "keep state" you have internet, without it you do not have ;) Thank you. I must read more closely. I did not grok the "out." Jim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070131195841.GA75352>