I have a question about some nfs rules I am formulating ( this is all in a
testbed ). I currently have one machine behind the firewall, and several
machines on 3 other subnets external to the firewall. All are connected via
NFS. They are all communicating fine. My question is related to
syntax/BNF.
1) Can I combine the scrub no-df rule in to the pass rules ? If so, How ?
No. no-df only takes effect for scrub rules -- it's ignored for pass/drop
rules.
