Date: Mon, 7 Jul 2025 15:08:05 GMT From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 5606ac2fcadf - main - pf.conf.5, pfctl.8: update to PF pfctl(8) and pf.conf(5) manpages Message-ID: <202507071508.567F85Ft016963@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=5606ac2fcadf801fc5485c3326fc678e77eab377 commit 5606ac2fcadf801fc5485c3326fc678e77eab377 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-07-02 16:25:56 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-07-07 15:06:51 +0000 pf.conf.5, pfctl.8: update to PF pfctl(8) and pf.conf(5) manpages great input by Ingo, Jason and Klemens OK schwarze@, OK kn@, OK jmc@ Obtained from: OpenBSD, sashan <sashan@openbsd.org>, acd7255d6a Sponsored by: Rubicon Communications, LLC ("Netgate") --- sbin/pfctl/pfctl.8 | 5 ++++- share/man/man5/pf.conf.5 | 7 ++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8 index 2391c1d1cd12..28efff896956 100644 --- a/sbin/pfctl/pfctl.8 +++ b/sbin/pfctl/pfctl.8 @@ -224,7 +224,10 @@ Flush the tables. .It Fl F Cm osfp Flush the passive operating system fingerprints. .It Fl F Cm Reset -Reset limits, timeouts and options back to default settings. +Reset limits, timeouts and other options back to default settings. +See the OPTIONS section in +.Xr pf.conf 5 +for details. .It Fl F Cm all Flush all of the above. .El diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5 index 3c9706063a65..fe848b030484 100644 --- a/share/man/man5/pf.conf.5 +++ b/share/man/man5/pf.conf.5 @@ -27,7 +27,7 @@ .\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd June 26, 2025 +.Dd July 2, 2025 .Dt PF.CONF 5 .Os .Sh NAME @@ -542,6 +542,9 @@ an ICMP UNREACHABLE is returned for blocked UDP packets, and all other packets are silently dropped. .El .Pp +The default value is +.Cm drop . +.Pp For example: .Bd -literal -offset indent set block-policy return @@ -666,6 +669,8 @@ but can be overridden via this option. Setting this option may leave a small period of time where the fingerprints referenced by the currently active ruleset are inconsistent until the new ruleset finishes loading. +The default location for fingerprints is +.Pa /etc/pf.os . .Pp For example: .Pp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202507071508.567F85Ft016963>