- Note that the synchronisation interface needs to be up and have

an IP address assigned. - Add "quick" keyword to pf.conf example. PR: docs/85209
svn path=/head/; revision=159338
2006-06-06 12:35:53 +00:00 · 2006-06-06 12:35:53 +00:00 · 301402accb · 2020-12-20 02:59:44 +00:00
commit 301402accb
parent 0ae716e5ee
1 changed files with 5 additions and 2 deletions
--- a/contrib/pf/man/pfsync.4
+++ b/contrib/pf/man/pfsync.4
@ -26,7 +26,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd February 23, 2005
+.Dd June 6, 2006
 .Dt PFSYNC 4
 .Os
 .Sh NAME
@ -104,6 +104,9 @@ interface:
 # ifconfig pfsync0 syncdev fxp0
 .Ed
 .Pp
+It is important that the underlying synchronisation interface is up
+and has an IP address assigned.
+.Pp
 By default, state change messages are sent out on the synchronisation
 interface using IP multicast packets.
 The protocol is IP protocol 240, PFSYNC, and the multicast group
@ -206,7 +209,7 @@ The following should be added to the top of
 .Pa /etc/pf.conf :
 .Bd -literal -offset indent
 pass quick on { sis2 } proto pfsync
-pass on { sis0 sis1 } proto carp keep state
+pass quick on { sis0 sis1 } proto carp keep state
 .Ed
 .Pp
 If it is preferable that one firewall handle the traffic,