Hi, I've played with tagging and I've found something that's not clear to me.
block in on dc0 tag LAN
pass in inet proto tcp to port 80 keep state
If I send a SYN to port 80 passing across the dc0 interface the packet will be
tagged LAN and then it will create a state with the second and last-matching
rule.
However I'd like to know if every packet that belongs to that connection
(matches the state) will be marked with LAN tag.
Thanks.
Ed
