I have a stateless rule on one of my boxes which was just upgraded from 4.0to 4.1. After the upgrade there were some odd issues that were reported and after looking into them I tracked the source of the issues down to a rule that was set not to keep state in pf.conf, but was actually keeping state with the S/SA flags set. I was able to manipulate the rule to use other flags and seen the change reflected but when reverting back to the stateless rule "flags S/SA keep state" was the actual behavior which confused/frustrated me. So I looked at the changelog again to take a closer look at what changes were made to PF and came across this line:
*Make sure pf(4) doesn't set 'flags S/SA' on stateless rules. which confuses me even more. Anyone seeing the same issues I am?
