Re: pf add not working

To: "D'Arcy J.M. Cain" <darcy%netbsd.org@localhost>
Subject: Re: pf add not working
From: Zoran Kolic <zkolic%sbb.rs@localhost>
Date: Sun, 23 Nov 2014 17:27:24 +0100

> Huh?  Keeping state is exactly why, I believe, it was not working
> properly.  Adding "no state" was the critical change.
> 
> > What if you remove "no state"?
> 
> Then it will once again treat continuing connections as the same
> connection and fail to block it.

I have to rethink about this. To my knowledge, it should not.
Different sessions, right?

> The manual explains how to keep state or not.  What makes you think
> that you *must* keep state for UDP.  To my way of thinking not keeping
> state should be the default for UDP, at least for incoming connections.

I will need some time to think again. And read manuals.
For sure, I know where this might be taken for better
answer than mine: misc%openbsd.org@localhost. You don't have to
use openbsd to ask question, since you run pf. It could
be me, if you don't find the solution next day or two.
When I asked about pf on netbsd on the list, de Raadt
wished me all the best, due to old pd version.
Frankly I need more time if I could make it more simple
to load rules. Becomes interesting. Best regards

                             Zoran

Follow-Ups:
- Re: pf add not working
  - From: D'Arcy J.M. Cain

References:
- Re: pf add not working
  - From: Zoran Kolic
- Re: pf add not working
  - From: D'Arcy J.M. Cain
- Re: pf add not working
  - From: Zoran Kolic
- Re: pf add not working
  - From: D'Arcy J.M. Cain

Prev by Date: Re: pf add not working
Next by Date: Re: pf add not working
Previous by Thread: Re: pf add not working
Next by Thread: Re: pf add not working
Indexes:

Home | Main Index | Thread Index | Old Index