Hi
I read in the manual, that since the 4.1 version, the keep state rule is
automatically set to keep state.
Before migrating to 4.4, I had the 3.9 and with following configuration:
Internet1 --------|
OpenBsd (Internal)| ----------- Server
Internet2 --------|
On the interface of the internet1 I have the !!!!! default route !!!!!;
but some traffic coming from every where in the world is coming from Internet2
interface to the server
So I had in my pf.conf following configuration:
pass in on internet2 from any
to server port NNN
pass in on internal from any
to server port NNN
pass out on internal route-to (If2 internelGW2) from server port NNN to any
pass out on internet2 from If2 port
NNN to any
With the migration to 4.4 the result is:
pass in on internet2 from any
to server port NNN keep state
pass in on internal from any
to server port NNN keep state
=> the 2 other rules will be no more used because of the keep state
What is the alternativ to remake some like before the migration ?
Thanks for reply
Christophe
