openbsd-misc
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

the keep state rule

from [Maxime Longuet] [Permanent Link][Original]
To: misc@openbsd.org
Subject: the keep state rule
From: Maxime Longuet <Maxime@mailclub.fr>
Date: Wed, 28 Feb 2001 17:52:23 +0100
Sender: owner-misc@openbsd.org 
I've bridge + Ipf

xl0 on my internal network
xl1 on my routeur

I've this rules

pass in log quick on xl1 proto icmp from any to 193.56.133.70/32

pass in quick on xl1 proto icmp from any to 193.56.133.200/32

pass in quick on xl0 proto TCP/UDP all keep state

block in log quick on xl1 from any to any
But for pass out the rules pass in quick on xl0 proto TCP/UDP all keep state is necessary and the word keep state too. The problem is that the firewall crash with too many state. I've already give this question but no success ...
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Safer+ encryption, vipin mehta
Next by Date:  Re: WTF? mail headers show my OBSD box's ip, horape
Previous by Thread:  Safer+ encryption, vipin mehta
Next by Thread:  Re: the keep state rule, Claus
Indexes:  [Date] [Thread] [Top] [All Lists]