| Building The Network You Need With PF, The OpenBSD Packet Filter: BSDCan 2016, Ottawa, Canada, June 8th 2016 | ||
|---|---|---|
| Prev | Next | |
Pass CARP traffic on the appropriate interfaces
pass on $carpdevs proto carp keep state
Pass pfsync traffic on the appropriate interfaces
pass on $syncdev proto pfsync
Some traffic doesn't make sense to fail over
pass in on $int_if from $ssh_allowed to self keep state (no-sync)
PF sees the traffic on the physical interface