Hi Thomas, I wish it was that simple :(
If I add it to the rdr I get an error loading the file: rdr pass on $if proto udp from <napts> to any port 53 -> 127.0.0.1 port 53 keep state (no-sync) pf.conf:124: syntax error If I put it on the pass rule it doesn't stop the state from being synchronised... I'm guessing because the state was created by the RDR rule. I've tried in Freebsd 8.0 & 8.1 Mel On 18 Mar 2011, at 16:08, Thomas Steen Rasmussen wrote: > On 18.03.2011 12:31, Melissa Jenkins wrote: >> Hiya, >> >> I was wondering if anybody knew how to stop the states generated by RDR and >> NAT rules from synchronising over PFSYNC? >> >> In particular I have an RDR for DNS traffic. The states this produces don't >> need to be synchronised between the two machines, but I can't figure out how >> to stop this. Adding the (no state) flags to the pass rule doesn't stop the >> states from being synchronised. > Hello, > > You need the no-sync keyword on the state options, > check man pf.conf(5). > > Best regards > > Thomas Steen Rasmussen _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[email protected]"
