diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-06-09 23:22:03 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-06-09 23:22:03 +0000 |
commit | 71da8188ca9c36e2843aea44aae93e0b614b8c52 (patch) | |
tree | b5bee692d3145facecdadb40ecb61d6a46327b1b | |
parent | a47f5d2f0ba3b4fdfc4dcd980db2018fd5ad5c08 (diff) | |
download | pfsense-71da8188ca9c36e2843aea44aae93e0b614b8c52.zip pfsense-71da8188ca9c36e2843aea44aae93e0b614b8c52.tar.gz |
Do not keep state on carp traffic. Chris D seems to think this may allow us to do inbound states.
-rw-r--r-- | etc/inc/filter.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 4b87212..8051284 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1973,7 +1973,7 @@ function process_carp_rules() { } foreach ($ifdescrs as $ifdescr => $ifname) { $interface = convert_friendly_interface_to_real_interface_name($ifname); - $lines .= "pass quick on {$interface} proto carp keep state\n"; + $lines .= "pass quick on {$interface} proto carp\n"; } if($config['installedpackages']['carp']['config'] != "") foreach($config['installedpackages']['carp']['config'] as $carp) { @@ -1989,7 +1989,7 @@ function process_carp_rules() { add_rule_to_anchor("natrules", $rule, $ip); } } - add_rule_to_anchor("carp", "pass quick on pfsync0 keep state", "pfsync0" . "3"); + add_rule_to_anchor("carp", "pass quick on pfsync0", "pfsync0" . "3"); if($config['installedpackages']['carpsettings']['config'] != "") foreach($config['installedpackages']['carpsettings']['config'] as $carp) $carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']); |