[nycbug-talk] dns abuse
Yarema
yds at CoolRat.org
Thu Jan 22 09:09:51 EST 2009
Max Gribov wrote:
> Yarema wrote:
>> I read this to mean that to use <max-src-states> one must also use one
>> of the two <source-track> formats. That said, shouldn't your rule read
>> as follows?
>>
>> pass in quick on $ext inet proto udp from any to <server> port 53 keep state (source-track rule, max-src-states 1)
>>
>>
> hmm, I don't have the 'source-track rule' part and it seems to work fine.
> I got the max-src-states option from the pf.conf manpage.
Yeah, the pf.conf manpage and the PF FAQ both say pretty much the same
thing. Seems that max-src-states implies source-track, but the docs
don't spell out which source-track format is implied. At least as far
as I can tell. It really makes no difference if only one rule is using
max-src-states.
--
Yarema