i hope this is the right forum for asking this question... i imagine it will have a simple answer :)
i was just curious, from pftop i saw these states: PR DIR SRC DEST STATE AGE EXP PKTS BYTES udp Out 127.0.0.1:14770 127.0.0.1:53 2:1 32 0 2 186 udp Out 127.0.0.1:53 127.0.0.1:14770 1:0 32 28 1 115 and w/ pfctl -s state | grep udp, u see the same kind of stuff: udp 127.0.0.1:30551 -> 127.0.0.1:53 MULTIPLE:SINGLE udp 127.0.0.1:29610 -> 127.0.0.1:53 MULTIPLE:SINGLE udp 127.0.0.1:16319 -> 127.0.0.1:53 MULTIPLE:SINGLE udp 127.0.0.1:53 -> 127.0.0.1:30551 SINGLE:NO TRAFFIC udp 127.0.0.1:53 -> 127.0.0.1:29610 SINGLE:NO TRAFFIC udp 127.0.0.1:53 -> 127.0.0.1:16319 SINGLE:NO TRAFFIC question is very simple: why? i assume the left/right sides of the ':' ought to be identical between the reflexive rules of the stateful connection... am i missing something? thanks :) ben
