Mathieu BLANC(mathieu.bl...@smile.fr) on 2016.08.09 11:18:57 +0200:
> Hello,
>
> I'm using relayd with Redirections (OpenBSD 5.9)
> Relayd creates these rdr-to rules :
> anchor "XXXX_http" all {
> pass in quick on rdomain 0 inet proto tcp from any to A.B.C.D port = 80
> flags S/SA keep state (tcp.established 600) rdr-to <pool_http> port 80
> round-robin
> }
>
> Is there a way to modify the Stateful Tracking Options after keep state ? (I'd
> want to add a max state on a specific redirection)
>
> Thanks !
Use the "pftag name" option.
That will change the inserted rule to not have the quick keyword. Also it
gets a "tagged name" added.
Then, in pf.conf add another rule
pass in tagged name keep state (max 3)
