On Jun 7, 2010, at 9:01 PM, Henning Brauer wrote: > hmm. your understanding is correct, the in is (kind of, practically it > is, we won't hit the rule unless the "in" condition in the anchor is > true) inherited. the little validity check in pfctl doesn't grok that > tho. hrm.
Thanks for validating my thinking. Besides the configuration being valid, is that kind of use of anchors good practice? Should I submit a bug report on pfctl, or what do you guys here prefer? I have no time to fix it right now, I just keep being "unanchored" for now :-) Teemu
