On Mon, 8 Nov 2004 18:39:53 +0100 Henning Brauer <[EMAIL PROTECTED]> wrote:
>* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2004-11-07 >19:59]:> On Sun, 7 Nov 2004, messmate wrote: >> > pass in quick on $internal proto tcp from $TRUST_IP to any port = >22> > flags S keep state >> remove the = sign >> pass in quick on $internal proto tcp from $TRUST_IP to any port 22 > >why do people keep posting bullshit answers like that? can't you at >least TRY his rule before spreading misinformation? >it is not about you personally, but far too often we see lies posted >here, because the poster didn't bother to verify his answer. This is >not helping anybody - the opposite is true. > ??? Who's spreading misinformation ?? I've got the right answer from Daniel Hartmeier: <It's not removal of the '=' that makes your third rule work. You must have removed 'flags S' at the same time, and drawn the wrong conclusion. 'flags S' is invalid since a couple of releases.> I've taken the rule from an ( to old ?) example. If this can help anyone.. But WHERE can i get a recent documentation about PF ?? mess-mate
