[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf sending an ACK storm?!



On Thu, Nov 28, 2002 at 07:47:37PM +0100, Daniel Hartmeier wrote:
> The ssh connection to synchron<->brutus isn't by any chance filtered
> statefully, using modulate state? :)
  It is.
pass in quick on $INT proto { icmp, udp } all label internal-in
pass in quick on $INT proto tcp all modulate state label internal-in-tcp
pass out quick on $INT all label internal-out
-- 
 __  /*-      Frank DENIS (Jedi/Sector One) <[email protected]>     -*\  __
 \ '/    <a href="http://www.PureFTPd.Org/";> Secure FTP Server </a>    \' /
  \/  <a href="http://www.Jedi.Claranet.Fr/";> Misc. free software </a>  \/