Kinda close unless I am reading the pf.conf man page wrong, where I have been reading it again and again. It keeps state for that data stream, be it out going or incoming. What I am asking is how to do this. Keep state for outgoing on port X and open incoming for port X & keep state for it. And do the same for any other port that is opened for outgoing, open the same port for incoming.
Amir Seyavash Mesry [EMAIL PROTECTED] LSI Logic Corporation http://www.lsilogic.com/ Raid Support Test Technician 6145-D Northbelt Parkway Norcross, GA 30071 678-728-1211 NOTICE: This communication may contain privileged or other confidential information. If you are not the intended recipient, or believe that you have received this communication in error, please do not print, copy, retransmit, disseminate, or otherwise use the information. Also, please indicate to the sender that you have received this communication in error, and delete the copy you received. Thank you. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Philipp Buehler Sent: Friday, August 09, 2002 3:28 PM To: [EMAIL PROTECTED] Subject: Re: Pass In for out Syntax On 09/08/2002, Amir Seyavash Mesry <[EMAIL PROTECTED]> wrote To [EMAIL PROTECTED]: > Ok I got another Q. > I know Cisco has this for it's routers, what I want to know is how > would I implement it on openbsd. Here is what the rule does. > A packet goes out on if0 on port 22, which causes port 22 to open for > incoming traffic on if0 to the same ip it is now outgoing. > Or > A packet goes out on if1 on port 22, which causes port 22 to open for > incoming traffic to the same ip it is now outgoing on if0. > > Basically if you open port 22 for outgoing then it auto opens for > incoming. If I dont get that completly wrong, you want to read about 'STATEFUL INSPECTION' in pf.conf(5)
BEGIN:VCARD VERSION:2.1 N:Mesry;Amir;Seyavash FN:Amir Seyavash Mesry ORG:LSI Logic Inc.;Raid TITLE:Raid Support Test Technician TEL;WORK;VOICE:(678) 728-1211 ADR;WORK:;;6145-D Northbelt Parkway;Norcross;GA;30071;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:6145-D Northbelt Parkway=0D=0ANorcross, GA 30071=0D=0AUnited States of Ameri= ca ADR;POSTAL:;;6145-D Northbelt Parkway;Norcross;GA;30071;United States of America LABEL;POSTAL;ENCODING=QUOTED-PRINTABLE:6145-D Northbelt Parkway=0D=0ANorcross, GA 30071=0D=0AUnited States of Ameri= ca EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20020510T175919Z END:VCARD
