Hello,
I am trying to migrate from ipf (in OpenBSD 2.8) to pf (in OpenBSD
3.4). I am having a lot of trouble with my ruleset which heavily
relies on binat and keep state. Packets will come in on a keep state
rule (from the internet) but the replies are dropped.
I should probably mention that nearly all of my rules are written for
incoming packets (toward the firewall).
I have done what I can to read in the man pages and the mailng list
about this problem but I think that I am going to have to dive into the
source. Is there any kind if primer on the basic architecture or how
the source is laid out. Maybe someone can point me to a function or
two that I should read for more insight into my problem.
Thanks,
BMG
- Re: Trouble with keep state and binat Brad Guillory
- Re: Trouble with keep state and binat Trevor Talbot
