diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2008-11-12 01:18:09 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2008-11-12 01:18:09 +0000 |
| commit | cfc0d07288be25ebe148b0c73c8170b37a85e4ea (patch) | |
| tree | e4cf0641ed1a5693350a301968c491059f376699 /etc/inc | |
| parent | 7ec41990fe17e5583590b6cf6d25e395a638a556 (diff) | |
| download | pfsense-cfc0d07288be25ebe148b0c73c8170b37a85e4ea.zip pfsense-cfc0d07288be25ebe148b0c73c8170b37a85e4ea.tar.gz | |
As of pf 4.1 keep state is used automatically. Do not keep state
between statically routed subnets.
Diffstat (limited to 'etc/inc')
| -rw-r--r-- | etc/inc/filter.inc | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 1876d74..7de3487 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2403,10 +2403,10 @@ EOD; if ($sa) { $ipfrules .= <<<EOD -pass in quick on \${$friendly_int} from {$sa}/{$sn} to {$route['network']} label "pass traffic between statically routed subnets" -pass in quick on \${$friendly_int} from {$route['network']} to {$sa}/{$sn} label "pass traffic between statically routed subnets" -pass out quick on \${$friendly_int} from {$sa}/{$sn} to {$route['network']} label "pass traffic between statically routed subnets" -pass out quick on \${$friendly_int} from {$route['network']} to {$sa}/{$sn} label "pass traffic between statically routed subnets" +pass in quick on \${$friendly_int} from {$sa}/{$sn} to {$route['network']} no state label "pass traffic between statically routed subnets" +pass in quick on \${$friendly_int} from {$route['network']} to {$sa}/{$sn} no state label "pass traffic between statically routed subnets" +pass out quick on \${$friendly_int} from {$sa}/{$sn} to {$route['network']} no state label "pass traffic between statically routed subnets" +pass out quick on \${$friendly_int} from {$route['network']} to {$sa}/{$sn} no state label "pass traffic between statically routed subnets" EOD; } |
