| PF, The OpenBSD Packet Filter: Building The Network You Need: BSDCan, Ottawa, June 10th 2015 | ||
|---|---|---|
| Prev | Next | |
If you write
pass in inet proto tcp on re1 from re1:network to re0:network \
port $ports keep statethen you also need
pass out inet proto tcp on re0 from re1:network to re0:network \
port $ports keep statebut do you actually mean
pass inet proto tcp from re1:network to any port $ports keep state