> anyway, Thanks for enlightening me. > > pass in log (all) on $int_if inet proto udp from $admin_pc to !$int_if \ > port 33433 >< 33626 keep state tag mytracert > > pass out log on $ext_if inet proto udp from $ext_if to any \ > port 33433 >< 33626 keep state tagged mytracert > > the above 2 rules were tested. They worked as expected.
> or: > > pass in log (all) on $int_if inet proto udp from $admin_pc to !$int_if \ > port 33433 >< 33626 keep state > > pass out log on $ext_if inet proto udp from $ext_if to any \ > port 33433 >< 33626 keep state *tagged mytracert* received-on $int_if > the above 2 rules were tested as well.but, it did not work. then, *tagged mytracert was removed. after removing, It worked. this is the rule. *pass out log on $ext_if inet proto udp from $ext_if to any \ port 33433 >< 33626 keep state received-on $int_if Now, everything is OK.
