https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281871
Kajetan Staszkiewicz <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #11 from Kajetan Staszkiewicz <[email protected]> --- (In reply to Vladimir Druzenko from comment #10) > This doesn't seem logical - the rule clearly states that it should only apply > to outgoing packets: "out". The "match" rules themselves do nothing, but actions accumulated in them (e.g. scrub) are applied to the state created later by "pass … keep state" rules. Once a state is created, it applies to packets flowing both ways. > Then how can I make it so that the TTL of incoming packets does not change, > but all outgoing ones have the same? You could use the old, pre-FreeBSD 14 "scrub" rules. Those are stateless, they can be applied just in one direction or only to given source or destination IP address and will not match the opposite direction. -- You are receiving this mail because: You are the assignee for the bug.
