* Pierre-Yves Ritschard ([EMAIL PROTECTED]) wrote:
> Hi pf@,
>
> I might be getting rusty but I'm having a problem with a really simple
> ruleset on a really recent -current OpenBSD
>
> The firewall has two carped interfaces and is running pfsync.
> The ruleset goes like this:
>
> ext="trunk0"
> set state-policy floating
>
> table <mailservers> const { ... }
> set skip on { lo0 }
> blog log all
>
> pass in quick on $ext from any to <mailservers> port smtp
>
> well this doesn't work and I see the rule 0 (block) being matched in
> pflog's output.
> If I modify the ruleset to look like this:
>
> pass in quick on $ext from any to <mailservers> port smtp tag OK
> pass out tagged OK
>
> It works as expected but this looks like a 'state-policy ifbound'
> behavior right ?
I tested this with latest (11/7) current available on my mirror and
the behavior is the same.
