On Wednesday 09 July 2008 20:29:21 Leslie Jensen wrote: > Anyway I have one PC on the inside and it takes some time before it's > able to reach the outside world.
What David said. > Another thing I see is that for example I add log (all) to one of my > filters and do pfctl -f /etc/pf.conf, then later I remove it again and > do pfctl -f /etc/pf.conf. The output from tcpdump -n -e -ttt -i pflog0 > still shows packages as if it had not refreshed and still have the "log > (all)" active. That's expected. The rule will create a state with the "log (all)" flag set. When you reload the ruleset no more new states will be created with that flag, but the existing states stick around and keep logging all packets. You can either "pfctl -Fstates" or simply wait until they die off on their own. -- /"\ Best regards, | [EMAIL PROTECTED] \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] / \ ASCII Ribbon Campaign | Against HTML Mail and News _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
