Hi pf@,
I might be getting rusty but I'm having a problem with a really simple
ruleset on a really recent -current OpenBSD
The firewall has two carped interfaces and is running pfsync.
The ruleset goes like this:
ext="trunk0"
set state-policy floating
table <mailservers> const { ... }
set skip on { lo0 }
blog log all
pass in quick on $ext from any to <mailservers> port smtp
well this doesn't work and I see the rule 0 (block) being matched in
pflog's output.
If I modify the ruleset to look like this:
pass in quick on $ext from any to <mailservers> port smtp tag OK
pass out tagged OK
It works as expected but this looks like a 'state-policy ifbound'
behavior right ?
