Re[2]: Note: states with asymmetric routing
>> Stateful inspection on gateway can hamper tcp-connections, when >> inbound or outbound packets goes another route (i.e. when one of >> directions not goes thru gateway). kpo> well, yeah. How is a firewall supposed to deduce state if it doesn't kpo> see any replies? psychic deduction? You,
Re[2]: Note: states with asymmetric routing
JO> i will assume that you do not have delusions that this should work with JO> NAT-ed connections, because it most certainly will not. of course, it will not, because pf must alter both directions.
