[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: synproxy



On Monday 24 January 2005 14.38, you wrote:
> On Mon, Jan 24, 2005 at 01:22:03PM +0100, Per-Olov Sjöholm wrote:
> > Any suggestions? It worked well in 3.5...
>
> Even with the patch in -stale, you'll need 'set state-policy if-bound',
> see
>
>   http://marc.theaimsgroup.com/?l=openbsd-pf&m=109334347801074&w=2
>
> and the posts referenced there for details.
>
> Daniel
Thanks, I will check that.
Today I use "set state-policy floating". Which I assume is the default. I am 
not 100% sure what if-bound means as all sessions going through the fw has a 
state per interface. Where can I find more info about it than in "man 
pf.conf" ?
B t w... can I use "(if-bound)" on just that rule containing "synproxy 
state" ? 
And why have this behaviour changed from 3.5 to 3.6? 
(I have read the link you sent, and you talk a lot about the loopback which 
isn't the problem)
Thanks in advance
Per-Olov Sjöholm
-- 
GPG keyID: 4DB283CE
GPG fingerprint: 45E8 3D0E DE05 B714 D549 45BC CFB4 BBE9 4DB2 83CE

Attachment: pgp00201.pgp
Description: PGP signature