Hi!
I can't fully understand when (how) to use packet direction in filter rules.
I found this phrase on this forum: "...If the interface receives a packet, it is incoming. If the interface sends out a packet on to the network, it is outgoing..." (c) tommiie, but I still have questions.
I'll try to write how I understand packet flow (correct me please if I'm wrong):
A packet addressed directly to any of the router's IP addresses is always IN.
NAT specific flow is:
1) IN on Internal IF.
2) OUT on External IF.
Reply:
1) IN on External IF.
2) OUT on Internal IF.
Routing between networks is:
1) IN on src:network IF.
2) OUT on dst:network IF.
Are there any other scenarios that I missed?
In most cases, does a routed/NATed packet flow through PF twice?