[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PF RDR/NAT Questions.



j knight wrote:

Now throw stateful tracking on top of that. Stateful tracking is like giving a packet a key that will open the door. When a packet tries to go either in OR out on an interface, the state entry for that packet will allow it to pass. And actually, the default behavior is that the state entry will allow the packet to pass on *any* interface that it is moving through.

I have to clarify myself here. The default behavior will allow the packet to pass thru any interface, as long as it's in the same direction (state entries are direction-bound). Don't dwell on this behavior. Just understand that you must pass packets in on one interface and out on the other.




.joel