Hi List, I have the following simple row in my pf.conf
pass in on $ext_if proto tcp from any to ($ext_if) port ssh flags S/SA keep state in order to let in the incoming ssh connection. Obviously it works as we expect. If I make a slightly changes in this row like this: pass in on $ext_if proto tcp from any to ($ext_if) port ssh flags S/SA synproxy state wont work as I expect, my ssh attempts left unanswered. I just wonder what more do I have to modify in order to get "spoofing protected" ssh service(is there synproxy option supported on the FreeBSD flavored of pf)? By the way, my $ext_if is an ADSL link (tun0). Any help would be greatly appreciated. Tom _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"