Thanks Stuart! I thought there would be a straight forward way of
doing it. With this set up I'm guessing that I can leave state policy
as floating?
Russell
On 29/01/2008, at 9:45 PM, Stuart Henderson wrote:
On 2008/01/29 15:54, Russell Fulton wrote:
I know that one can only queue on t
This afternoon pfctl started spitting out this message every time we
reload the rule set. So far as I can tell nothing substantial changed
at this point. Perhaps a new table was created or an IP added to an
existing table. (the ruleset is built from a database and there have
been quite a
Hi,
I'm using state-policy if-bound. if-bound states are bound to interface so you
need to add just one rule to your setup.
set state-policy if-bound
pass in
quick
on
$int_if
from
to
any
keep
state
queue unlimited_in
If you want to queue incoming traffic from users then you set l
On 2008/01/29 15:54, Russell Fulton wrote:
>
> I know that one can only queue on the outbound interface. We want to queue
> traffic in both directions so we have to have two queues one on the external
> interface to queue outbound traffic and one on the internal interface to
> queue the incomin
