Monday, October 24, 2022

spurious synproxy warning from pfctl

Given the rule

pass proto tcp from any to mail.example.com \
port { 25 80 110 143 443 587 993 } synproxy state

pfctl barks

/etc/pf.conf:586: warning: synproxy used for inbound rules only, ignored for outbound

It's pretty obvious from reading pf.conf(5) that the above is the
default behaviour, and it seems perfectly reasonable to apply
'synproxy state' to a pass rule that implies 'in'. So I don't see
the reason for pfctl to nag at me like that.

It would be nice if simple pass rules like the above did not provoke
that warning message.

--lyndon
