samwun
July 17th, 2004, 03:12
Dear all,
I created a Anchor ruleset for the PF. I can display the nat and rules for this specific Anchor, but failed to show and remove its state.
If I use the following pfctl command,
# pfctl -a vpns -sr
# pfctl -a vpns -sn
It will show the correct nats and rules for the Anchor vpns only without the nats and rules in base rules.
But the following pfctl command does not do what it told:
# pfctl -a vpns -ss
# pfctl -a vpns -Fs
it shows and remote all the states from the state table, including the states that created in the base rules. It shoud only shows and remove the states created by the Anchor vpns.
Is this a bug in PF?
Thanks
sam
I created a Anchor ruleset for the PF. I can display the nat and rules for this specific Anchor, but failed to show and remove its state.
If I use the following pfctl command,
# pfctl -a vpns -sr
# pfctl -a vpns -sn
It will show the correct nats and rules for the Anchor vpns only without the nats and rules in base rules.
But the following pfctl command does not do what it told:
# pfctl -a vpns -ss
# pfctl -a vpns -Fs
it shows and remote all the states from the state table, including the states that created in the base rules. It shoud only shows and remove the states created by the Anchor vpns.
Is this a bug in PF?
Thanks
sam