https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281871
--- Comment #9 from Kristof Provost <[email protected]> --- (In reply to Vladimir Druzenko from comment #8) > age 00:00:06, expires in 23:59:54, 2:1 pkts, 112:60 bytes, rule 58, min-ttl > 128 You can check your rules for what rule 58 is, but the match rule presumably applied when the state was created, so the min-ttl flag got applied to the state and affects both directions of the state. Again, that's expected. Rules are only processed for the initial packet that creates the state, and in this case that will have been the SYN for the `telnet $IP $PORT`. That's an outbound packet on $ext_if (presumably), so the match rule applied and the min-ttl got set on the state where it now also applies to the other direction of that state. -- You are receiving this mail because: You are the assignee for the bug.
