On Sun, Aug 14, 2005 at 12:24:43PM -0400, stan wrote: > I've got 2 rules like this: > > pass out on $int_if from any to any keep state > pass in on $int_if from any to any keep state > > That I think I should be able to replace with: > > pass out on $int_if from any to any keep state > pass in on $int_if from any to any keep state > > But when I do this, I get the follwing packets droped. > > Aug 14 12:08:05.230735 rule 0/(match) block out on fxp2: 171.85.113.55.2318 > > 171.85.106.133.161: GetRequest(5)[|snmp] > > requiste defs are: > > int_if="fxp2" > > and the /etc/hostname.fxpo looks like this: > > inet 171.85.113.111 255.255.255.128 NONE > > What am I missing here? > Sorry for the stupid cut and paste error.
Here are the rules I want to use :-( pass in on $int_if from $int_if:network to any keep state pass out on $int_if from any to $int_if:network keep state -- U.S. Encouraged by Vietnam Vote - Officials Cite 83% Turnout Despite Vietcong Terror - New York Times 9/3/1967
