[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf(4) schemantics

> Yes, thank you. I also still mean that pf(4) should not care about
> packets going 'out' of an interface, only in, but let's kill this
> thread.
Again: traffic can originate on the firewall box. Since this traffic
never passes inbound on an interface, filtering MUST be done
on the outbound direction. (ie - transparent proxies).