| Building the Network You Need with OpenBSD's PF: EuroBSDCon, St. Julian's, September 26th 2013 | ||
|---|---|---|
| Prev | Next | |
Pass CARP traffic on the appropriate interfaces
pass on $carpdevs proto carp keep state
Pass pfsync traffic on the appropriate interfaces
pass on $syncdev proto pfsync
Some traffic doesn't make sense to fail over
pass in on $int_if from $ssh_allowed to self keep state (no-sync)
PF sees the traffic on the physical interface