--On 08 September 2005 14:55 +0200, Stephan A. Rickauer wrote:
If I understand correctly, pf has no 'forward' chain like netfilter (which is probably by design).
I'm guessing at what netfilter 'forward chain' means here since (presumably like many people here) I don't have much need to admin netfilter firewalls... I guess it is different to what 'fwd' means in FreeBSD's ipfw (which is more like rdr in PF).
since one does not have to specify IN and OUT rules separately.
If you mean what I think you mean, you might want to re-read the 'STATEFUL INSPECTION' section of pf.conf(5) (especially the pp starting 'by default, packets coming in and out...') - there's no need to specify both incoming and outgoing rules for normal traffic passing through a router.

