Rickard Dahlstrand wrote: > Darrin Chandler wrote: > >> On Sun, Jul 30, 2006 at 11:11:17PM +0200, Rickard Dahlstrand wrote: >> >> >>> Hi, >>> >>> With the rulesset: >>> nat on sis0 from !(sis0) -> (sis0) >>> rdr on sis0 inet proto udp from any to any port = 12560 -> 192.168.1.10 >>> port 10000 >>> rdr on sis0 inet proto udp from any to any port = 12561 -> 192.168.1.10 >>> port 10001 >>> (and pass quick on all if, no keep state) >>> >>> I get these errors when running debug misc: >>> pf: state insert failed: tree_lan_ext lan: 192.168.1.10:10000 gwy: >>> xx.xxx.xxx.xx:12560 ext: uu.uu.uu.uu:18358 >>> >>> The udp-stream from 192.168.1.10 gets passed OK, but the incoming stream >>> from uu.uu.uu.uu triggers the above error. >>> >>> Anyone has any idea on why this does occur and if there is any way that >>> I can get it working. >>> >>> Thanks, Rickard. >>> >>> >> Have you tried using nonat to exclude your rdr ports? >> >> > Yes, if I do that it stoppes the outgoing stream as well. > To expand this question a bit, is there a way to instruct nat not to create a bi-directional state.
Rickard.
